19:02:19 <cait> #startmeeting  Development IRC Meeting 22 March 2016
19:02:19 <huginn> Meeting started Tue Mar 22 19:02:19 2016 UTC.  The chair is cait. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:02:19 <huginn> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
19:02:19 <huginn> The meeting name has been set to 'development_irc_meeting_22_march_2016'
19:02:26 <cait> #topic Introductions
19:02:26 <wahanui> #info wahanui, a bot that has become sentient
19:02:39 <cait> please introduce yourself with #info, following wahanui's example
19:02:47 <cait> #info Katrin Fischer, BSZ, Germany
19:02:51 <cait> #chair bag
19:02:51 <huginn> Current chairs: bag cait
19:02:59 <cait> today's agenda is at
19:03:05 <cait> #link https://wiki.koha-community.org/wiki/Development_IRC_meeting_22_March_2016
19:03:45 <cait> hm anyone around?
19:03:55 <cait> pianohacker: ?
19:03:59 <bag> hello
19:04:19 <bag> #info Brendan Gallagher - ByWater
19:04:28 <pianohacker> #info Jesse Weaver - ByWater
19:04:51 <pianohacker> we aren't too late for EU and too early for NZ, are we?
19:04:54 <gmcharlt> #info Galen Charlton - ESI
19:05:19 <eythian> wahanui: anyone around is <reply>no one but us, $who
19:05:20 <wahanui> OK, eythian.
19:05:32 <cait> it's 8pm in europe, so after work hours
19:05:45 <eythian> 8am in NZ
19:06:15 <cait> kind of in between i guess
19:07:16 <pianohacker> guess we can wait until 15 after or so for stragglers?
19:08:26 <cait> yeah, let's wait a bit
19:11:13 <cait> rangi is still on the bus
19:11:25 <cait> hi drojf - please introduce yourself
19:12:08 <tcohen> #info Tomas Cohen Arazi, Theke Solutions
19:13:13 <jajm> #info Julian Maurice, BibLibre
19:14:13 <cait> ok
19:14:21 <cait> I think we can continue
19:14:28 <pianohacker> barton is coming
19:14:35 <cait> #Announcements
19:14:39 <cait> #topic Announcements
19:14:43 <barton> #info Barton Chittenden, Bywater Solutions, Louisville KY, USA
19:14:51 <cait> bag?
19:14:51 <wahanui> it's his birthday!
19:14:55 <bag> HA
19:15:10 <bag> not much to report.  working on PQA
19:15:14 <barton> I thought it was Trae's birthday.
19:15:38 <bag> I also plan to have a talk with gmcharlt later this week dealing with a URL::Encode package isue
19:15:52 <bag> gmcharlt: and I have already communicated about this.  More to follow
19:16:08 <cait> ok
19:16:09 <bag> we both feel that it should be rewritten using some packages that are already in koha
19:16:28 <bag> now I just need to find someone to do that ;)
19:16:40 * gmcharlt sneezes
19:16:56 <cait> I got something too: I'd like to remind about the GBSD on Thursday this week
19:17:03 <cait> #link https://wiki.koha-community.org/wiki/2016-03-24_Global_bug_squashing_day
19:18:01 <cait> anything else?
19:18:01 <wahanui> anything else is just being crap
19:18:10 <bag> any questions for me?
19:18:14 <drojf> #info mirko tietgen, berlin, germany
19:18:48 <cait> quiet... :)
19:18:50 <cait> ok, moving on
19:19:01 <cait> #topic Review coding guidelines
19:19:11 <cait> there are no suggestions for new coding guidelines on the wiki
19:19:50 <cait> after discussion on the mailing list it was decided to remove PERL12
19:19:54 <pianohacker> just killing that one
19:20:00 <cait> and also remove the remaining versions from the source code
19:20:08 <cait> pianohacker: do you have the bug number on hand?
19:20:29 <pianohacker> no :/
19:21:03 <rangi> #info chris cormack, catalyst
19:21:40 <cait> bug 16011
19:21:41 <huginn> 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16011 enhancement, P5 - low, ---, jonathan.druart, Signed Off , Remove $VERSION from our modules
19:21:57 <cait> if noone disagrees i will log that as an info
19:22:27 <cait> #info PERL12 to be deleted, remaining $VERSION will be removed by bug 16011
19:22:42 <pianohacker> fine by me
19:22:54 <cait> i think no khall - and i think he won't have time for the revamp of the coding guidelnes for a bit longer :)
19:23:13 <pianohacker> nope :)
19:23:15 <cait> so i'd jump over that if noone wants to add something
19:23:21 <pianohacker> do we want to vote on the idea, at least?
19:23:28 <cait> we already did
19:23:38 <cait> he wanted to add a new page with the suggested changes
19:23:54 <cait> and that was agreed on
19:24:22 <cait> does someone have other things for thistopic?
19:25:12 <cait> ok, moving on then
19:25:27 <cait> #topic Bugs in discussion
19:25:34 <cait> bug 9254
19:25:35 <huginn> 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9254 enhancement, P2, ---, vfernandes, In Discussion , New option to block patrons from changing messaging preferences in OPAC
19:25:45 <cait> A lot of people have asked for it, but it's kind of stuck
19:26:26 <cait> It would be great to get some comments and see this moving again
19:27:02 <cait> there was some disagreement about which options to offer
19:27:20 <pianohacker> bag: do we have any partners that can poke that who would want it?
19:27:44 <bag> not sure
19:27:59 <cait> we currently hide it with jquery for a lot of ours... but a pref would be nicer (and safer)
19:28:44 <rangi> hmm
19:29:08 <rangi> seems the patches are a bit broken
19:29:19 <cait> nengard commented she#d like it ;)
19:29:21 <rangi> Works as described. But the patch only hides the link,
19:29:21 <rangi> not disable the feature. If you refresh OPAC after unset
19:29:21 <rangi> EnhancedMessagingPreferencesOPAC, you can still change
19:29:22 <rangi> your messaging preferences.
19:29:32 <barton> pianohacker, bag: I had a ticket requesting that recently, I'll dig it up.
19:29:33 <rangi> that doesn't seem finished to me
19:29:50 <cait> thx
19:30:00 <cait> ... there are more stuck in discussion... but have to start somewhere :)
19:30:11 <cait> anyone else?
19:30:32 <cait> moving on?
19:31:02 <cait> #topic General development discussion
19:31:12 <cait> ok, there are 4 topics listed
19:31:40 <cait> we already discussed a bit about the  merge of the borrowers tables at one of the last meetings
19:31:47 <cait> i am not sure if we have new info on this?
19:31:55 <pianohacker> I don't think so
19:31:58 <pianohacker> and no Joubu
19:32:11 <cait> ok
19:32:23 <cait> Preventing XSS attacks
19:32:34 <cait> our first attempt failed - anyone new info/ideas to share?
19:32:42 <rangi> no
19:32:48 <rangi> just that it is the right direction
19:32:57 <rangi> it just has to be done in a faster way
19:33:07 <rangi> ie, everything should be escaped by default
19:33:32 <rangi> The approach was dead right, it was just not performant
19:33:46 <pianohacker> why was the previous one so slow?
19:33:58 <cait> i tihnk being too many variables on some pages
19:34:23 <bag> perhaps as we get more of the caching done - then we could retry that?  see if it’s still such a big hit?
19:34:25 <cait> adding up to a bigger performance issue
19:34:29 <pianohacker> right, but a lot of those are completely unavoidable (without major rearchitecting)
19:35:09 <pianohacker> bag: and the caching we've been adding wouldn't really affect that , unfortunately.
19:35:16 <bag> boo
19:35:39 <pianohacker> rangi: would marking more things as pre-escaped help any, do you think?
19:35:48 <rangi> probably not
19:36:17 <rangi> caching template fragments would though
19:36:32 <rangi> 2 secs
19:38:03 <rangi> https://perldoc.koha-community.org/Koha/Template/Plugin/Cache.html
19:39:35 <rangi> probably would need to reorganise some pages, but I think there are big chunks that don't need to be rerendered every page
19:40:01 <rangi> does that make sense?
19:40:18 <cait> i think one of he problmatic pages was authority import?
19:40:29 <cait> just trying to remember, it's probably on the bug
19:40:52 <jajm> will it prevent template variables to be escaped ?
19:41:34 <rangi> sorry I dont understand the question jajm
19:42:34 <jajm> template variables that are used only in cached template fragments
19:42:42 <rangi> no
19:42:48 <jajm> i thought all variables were automatically escaped
19:42:51 <rangi> no
19:42:59 <rangi> thats what this bug tried to do
19:43:03 <rangi> but it was too slow
19:43:23 <jajm> ok
19:43:25 <rangi> at the moment we manually escape them, and people forget to do it, and we get xss vulnerabilities
19:44:46 <rangi> what caching bits of the template means, is they get evaluated once, the same way as everything does now, and then put in a cache, and just returned from that, until it is stale. if you cache the borrowernumber as part of the key you could easily cache the top part of pretty much all the opac etc
19:45:16 <rangi> anyway, something to experiment with maybe
19:45:20 <pianohacker> yeah
19:45:31 <pianohacker> do we know why the variable escaping itself was slow?
19:45:36 <jajm> rangi, i am not sure to understand, you suggest to use template::stash::autoescaping + caching, or just caching ?
19:45:47 <pianohacker> because that's a really common practice in modern html template libraries
19:45:50 <rangi> both
19:46:04 <rangi> pianohacker: exactly, so i feel like it's something we can fix
19:46:07 <pianohacker> and, well, it's a friggin regex, perl can handle those :P
19:46:14 <rangi> it's written up on the bug i think
19:46:53 <rangi> jajm: both, i think the caching will help anyway, and I think we need to autoescape too
19:47:05 <cait> ithink more information to be found at the bug
19:47:24 <rangi> pianohacker: it may be we just looped too much, not sure
19:47:26 <cait> are we ok to move on for now? something that i should log?
19:47:45 <pianohacker> cait: just one thing
19:47:52 <pianohacker> rangi: do you have that bug number?
19:48:18 <rangi> bug 13618
19:48:19 <huginn> 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13618 enhancement, P5 - low, ---, jonathan.druart, BLOCKED , Prevent XSS in the Staff Client and the OPAC
19:48:27 <pianohacker> thanks
19:48:27 <cait> pianohacker: it's on the agneda ;)
19:48:39 <pianohacker> I totally missed that :)
19:48:52 <cait> i'd like to talk about benchmarking first if that's ok?
19:48:59 <cait> or next
19:49:05 <cait> as we have seen a lot of activity there
19:49:18 <barton> #link https://perldoc.koha-community.org/Koha/Template/Plugin/Cache.htm
19:49:27 <pianohacker> cait: yeah, definitely
19:49:33 <cait> i think the bug linked on the agenda is not right
19:49:42 <cait> probably me getting the sequence wrong again
19:50:05 <cait> bug 15342
19:50:06 <huginn> 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15342 enhancement, P5 - low, ---, jonathan.druart, NEW , Performance 3.22 - Omnibus
19:50:22 <cait> pianohacker: could you maybe say something about the work so far?
19:50:57 <cait> link on the agenda is fixed now
19:51:16 <pianohacker> cait: reviewing all the linked bugs real quick
19:51:24 <cait> bug 11998 is the pushed one
19:51:25 <huginn> 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=11998 major, P5 - low, ---, jonathan.druart, Pushed to Master , Syspref caching issues
19:51:30 <cait> ... which broke my opac
19:51:40 <cait> and yes, that's a complaint ;)
19:51:46 <pianohacker> which is... less than good, but we'll fix it
19:51:55 <cait> hope so :)
19:52:17 <pianohacker> bug 15350 is a big pain point, though it's less of a big deal for Plack
19:52:18 <huginn> 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=15350 enhancement, P5 - low, ---, jonathan.druart, In Discussion , DBIx::Class Startup speed
19:52:52 <bag> yes
19:53:10 <pianohacker> any suggestions there are welcome; I had a basic POC that only really helps with Plack (and even then only with the first load on a new worker)
19:54:46 <pianohacker> finally, I've been working with Joubu on a very promising set of patches
19:54:49 <pianohacker> bug 16044?
19:54:50 <huginn> 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16044 enhancement, P1 - high, ---, jonathan.druart, Needs Signoff , Define a L1 cache for all objects set in cache
19:54:53 <pianohacker> yes, okay
19:54:53 <rangi> excellent
19:55:16 <pianohacker> this is intended to bypass the unexpectedly high cost of deserializing stuff from memcached
19:55:31 <pianohacker> Joubu added what amounts to a per-process in-memory cached
19:56:30 <pianohacker> I added some code to a) clear this new L1 cache less often, by storing a modification time in memcached and b) avoid some of the object-cloning protections Joubu/Jacek have put in place
19:57:04 <rangi> cool
19:57:10 <pianohacker> any technical comments on that bug would be very very welcome; I know that the approach we've made is _spectacular_ for performance, especially search, but we need to make sure it's safe
19:57:19 <bag> could be good to bring up on GBSD
19:57:23 <pianohacker> cait: that's all I've got
19:57:59 <cait> that's not bad - i am very glad to see work on the performance issues
19:58:09 <cait> :)
19:58:12 <bag> 61 days until release - that would be good to get in quickly so we have time to test
19:58:18 <pianohacker> agreed
19:58:19 <cait> true
19:58:31 <cait> pianohacker: could you add anything you need testers for to the gbsd page?
19:58:37 <pianohacker> cait: yup yup
19:58:40 <cait> thx
19:58:48 <rangi> pianohacker: yeah im happy to spend time testing that on gbsd
19:58:49 <bag> ES too - everyone is really excited for it - but need sign off ;)
19:58:57 <cait> ES is on it already :)
19:59:12 <bag> yuppers - just mentioning again ;)
19:59:23 <cait> ok, last topic would be item-level_itype
19:59:29 <cait> do we want to discuss or postpone?
19:59:30 <pianohacker> rangi: cool. If you have any ideas on other ways to do the memcached-modification-time thing (second to last patch) I'd love to hear them
19:59:42 <rangi> righto
19:59:45 <bag> I think we need Joubu here to talk about that cait
19:59:45 <rangi> ill take a look
19:59:49 <pianohacker> cait: we don't have much of a quorum for that touchy of a subject
19:59:53 <pianohacker> rangi: thanks#
19:59:55 <pianohacker> !
19:59:57 <cait> so postpone
20:00:05 <cait> we can move it to top for the next meeting
20:00:09 <pianohacker> yup
20:00:17 <cait> #topic Updates from the QA team
20:00:33 <cait> nothing much from me I am afraid - I have been quite busy but hope to do more this week and probably next
20:00:44 <pianohacker> it may also be worth making a hot-topics list on the agenda that bag could copy-paste into his reminder email and perhaps encourage more people to come
20:00:44 <bag> cool
20:01:07 <cait> ah, maybe it would be good to talk about freeze dates sometime soon
20:01:29 <bag> good point - I’ll work something up this week cait
20:01:45 <cait> #action bag to set freeze dates
20:01:52 <cait> looking at the list of horrible bugs
20:02:00 <cait> there is quite a lot of red at the moment
20:02:08 <cait> also unhappy jenkins
20:02:37 <pianohacker> cait: are you looking at the "FIXME NOW" list?
20:02:41 <cait> 21 bugs critical - blocker
20:02:50 <cait> pianohacker: looking at the one linked on the agenda :)
20:03:00 <cait> #link https://bugs.koha-community.org/bugzilla3/buglist.cgi?cmdtype=dorem&remaction=run&namedcmd=FIXME%20NOW&sharer_id=1
20:03:08 <pianohacker> yup, same one, cool
20:03:17 <cait> yep, didn't see the name first
20:03:33 <cait> 21 is not so nice... should try to bring that way down before release
20:03:44 <cait> some maybe can be recategorized, but needs some work to check
20:03:45 <rangi> and get jenkins green
20:03:59 <pianohacker> tcohen: any comments on the current status of jenkins?
20:04:06 <bag> I can get on 15585 today
20:04:07 <cait> quite a few are LDAP or SIP
20:04:12 <cait> anyone able to test this, please do
20:04:28 <tcohen> i tried providing patches for several failures
20:04:43 <tcohen> but we really need to encourage the devs to fix them
20:04:57 <tcohen> probably with a warning about patches reverted
20:05:06 <cait> #idea add hot topics list to the agenda for use in the reminder email
20:05:08 <wizzyrea> one of those is a 3.8
20:05:28 <cait> fix or revert threat?
20:05:31 <bag> hmm tcohen can you talk with me on GBSD about those patches?  I can do the leg work on getting some comments on those bugs
20:05:42 <tcohen> of course!
20:05:51 <bag> awesome!  thanks
20:06:09 <pianohacker> wizzyrea: bug 9626?
20:06:10 <huginn> 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=9626 critical, P5 - low, ---, koha-bugs, NEW , can't pay FU fines without messing things up
20:06:20 <wizzyrea> bug 14003
20:06:21 <huginn> 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14003 critical, P1 - high, ---, koha-bugs, In Discussion , SIP2 AF Field return 1
20:06:24 <cait> i think that's on mster too - waiting for another test from me or someone else
20:06:32 <cait> i need to verify some weird behaviour i saw is real or not
20:06:36 <cait> for the FU one
20:07:30 <cait> nothing more from me for now :)
20:08:47 <cait> #action bag and tcohen to talk about fixing jenkins
20:08:52 <cait> moving on?
20:08:57 <tcohen> yeah
20:09:02 <cait> #topic Set date for next meeting
20:09:08 <cait> when shall we meet again?
20:10:01 <bag> April 5th
20:10:02 <cait> or asked differently, which rhythm
20:10:13 <cait> next general meeting is on 6th
20:10:25 <cait> so maybe too close
20:10:28 <bag> 12th then?
20:10:42 <cait> +1
20:11:29 <bag> what time?
20:11:29 <wahanui> time is like a big ball of wibbly wobbly... time-y wimey... stuff. or generously donated to giving support in #koha but if you need more help faster than we can give it try http://koha-community.org/support/paid/
20:12:21 <cait> if we use the one from before this one
20:12:24 <cait> it would be 15 UTC
20:12:40 <bag> ok 12 April 2016 at 15 UTC
20:12:57 <drojf> there is the catmandu hackathon. but i think its only half the day
20:13:14 <cait> oh, where is that?
20:13:17 <drojf> berlin
20:13:19 <drojf> stabi
20:13:39 <drojf> johann is organising. 11.+12.04
20:13:43 <cait> ah ok
20:13:47 <cait> 13th?
20:14:02 <cait> 13th, 15 UTC?
20:14:25 <cait> please saysomething :)
20:14:29 <drojf> woud work for me
20:14:31 <drojf> would
20:14:34 <cait> bag?
20:14:34 <wahanui> I LIKE BASEBALL!
20:14:44 <drojf> everyone else? :)
20:14:49 <bag> I LIKE BASEBALL
20:14:52 <bag> works for me
20:14:54 <bag> 13th
20:15:25 <cait> #agreed Next meeting will be April 13th, 15 UTC
20:15:26 <cait> #endmeeting