Time Nick Message 00:09 irmab hi #koha 01:39 kidclamp @later tell tcohen I will be in as early as possible but your turn to chair :b 01:39 huginn kidclamp: The operation succeeded. 06:12 drojf morning #koha 06:27 * mtj waves to drojf 06:31 drojf hi mtj 06:34 * cait waves 06:35 cait 16.11.04 is out! :) 06:36 drojf hi cait 06:39 drojf cait++ 06:39 drojf cait: any weird things i should be looking out for 06:40 drojf ? 06:40 cait i hope not 06:40 cait it's the biggest one so far, but i hope i haven't missed something 06:41 cait the nightly is green at least 06:41 cait :) 06:42 drojf the nightly was also green when postinst was broken in master :P it needs more checks, so far it assumes package built=done 06:42 drojf but sounds good :) 07:01 LibraryClaire morning #koha 07:01 drojf hi LibraryClaire 07:01 LibraryClaire moin drojf 07:11 reiveune hello 07:13 LibraryClaire hi reiveune 07:30 mtj congrats cait++ - i am working on a 16.05.x release now 07:30 cait mtj++ :) 07:30 cait bbia 07:30 cait b 07:31 drojf 16.11.04 package is out 07:59 magnuse drojf++ 08:00 * magnuse waves 08:00 magnuse @wunder enbo 08:00 drojf hei magnuse 08:00 huginn magnuse: The current temperature in Bodo, Norway is -7.0°C (8:50 AM CET on February 22, 2017). Conditions: Clear. Humidity: 74%. Dew Point: -11.0°C. Windchill: -16.0°C. Pressure: 28.88 in 978 hPa (Falling). 08:00 drojf @wunder sxf 08:00 huginn drojf: The current temperature in Berlin Schoenefeld, Germany is 9.0°C (8:50 AM CET on February 22, 2017). Conditions: Mostly Cloudy. Humidity: 87%. Dew Point: 7.0°C. Pressure: 29.50 in 999 hPa (Steady). 08:00 magnuse 20 cm of fresh powdery snow this morning! 08:01 drojf magnuse: i am so happy for you 08:01 magnuse :-) 08:02 drojf there was supposed to be snow again next week. i have not checked again. i hope not 08:05 drojf it says 13° for that day now. nice 08:11 drojf is anyone using koha with vufind? 08:11 liw @wunder helsinki 08:11 huginn liw: The current temperature in Helsinki, Finland is -3.0°C (9:50 AM EET on February 22, 2017). Conditions: Mostly Cloudy. Humidity: 74%. Dew Point: -7.0°C. Windchill: -10.0°C. Pressure: 29.36 in 994 hPa (Falling). 08:18 gaetan_B hello 08:29 Joubu hi #koha 08:29 LibraryClaire bonjour Joubu 08:29 LibraryClaire hi gaetan_B 08:46 cait drojf++ 09:03 magnuse cait++ 09:03 magnuse gaetan_B: it's skrei-season again! 09:04 gaetan_B oooh, i guess you'll have to take another serving for me then ! it doesn't seem like i'll make it to Norway this time 09:19 nlegrand Hello ! 09:19 nlegrand If I have a bug on master that is also affecting 6.11, should I cc 6.11 release maintainers? 09:23 Joubu it's 11.6, not 6.11 :) 09:23 nlegrand Joubu: ho right :) 09:23 Joubu Nope, they watch the "push to master" bug list 09:23 Joubu so no need to cc them 09:23 nlegrand not quite awaken yet ^^ 09:24 Joubu nlegrand: what bug is it? 09:24 nlegrand Bug 18150, very easy one :) 09:24 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18150 normal, P4, ---, koha-bugs, NEW , CanItemBeReserved doesn't work with (IndependentBranches AND ! canreservefromotherbranches) 09:24 nlegrand patch coming= 09:25 Joubu and it's 17.5.. 09:25 Joubu well it's year.month, ok? :) 09:25 Joubu nlegrand: do you plan to submit a patch? 09:25 nlegrand :) 09:26 nlegrand Joubu: in a few seconds 09:27 nlegrand 10:23 <@Joubu> it's 11.6, not 6.11 :) <- you meant 16.11 right ? ^^ 09:28 * cait sends coffee :) 09:28 * Joubu grabs more tea 09:39 eythian hi 09:39 eythian @wunder ams 09:39 huginn eythian: The current temperature in Amsterdam, Netherlands is 10.0°C (10:25 AM CET on February 22, 2017). Conditions: Scattered Clouds. Humidity: 87%. Dew Point: 8.0°C. Pressure: 29.65 in 1004 hPa (Steady). 09:39 eythian two digits! 09:43 drojf hi eythian 09:43 eythian hello drojf 09:46 drojf @wunder sxf 09:46 huginn drojf: The current temperature in Berlin Schoenefeld, Germany is 10.0°C (10:20 AM CET on February 22, 2017). Conditions: Light Rain. Humidity: 87%. Dew Point: 8.0°C. Pressure: 29.50 in 999 hPa (Steady). 09:46 drojf ha 09:47 eythian you're just copying my weather 09:47 drojf heh 09:47 drojf i did a migration error and got light rain though 09:49 eythian yeah, that was silly 09:49 eythian that was fixed a few hours ago in my version. 09:50 * drojf rebases weather 09:50 magnuse @wunder enbo 09:50 huginn magnuse: The current temperature in Bodo, Norway is -6.0°C (10:20 AM CET on February 22, 2017). Conditions: Clear. Humidity: 74%. Dew Point: -10.0°C. Windchill: -15.0°C. Pressure: 28.85 in 977 hPa (Falling). 09:51 magnuse git remote add amsterdam 10:07 LibraryClaire @wunder konstanz 10:07 huginn LibraryClaire: The current temperature in Jungerhalde, Konstanz, Germany is 10.5°C (11:06 AM CET on February 22, 2017). Conditions: Overcast. Humidity: 79%. Dew Point: 7.0°C. Pressure: 30.04 in 1017 hPa (Steady). 10:20 eythian oooh, look at you with your extra 0.5°. Showoff ;) 10:21 LibraryClaire *flex* 11:17 rsantellan good morning #koha 11:55 magnuse @wunder marseille 11:55 huginn magnuse: Error: No such location could be found. 11:55 magnuse @wunder marseille, france 11:55 huginn magnuse: The current temperature in Marseille, France is 16.0°C (12:30 PM CET on February 22, 2017). Conditions: Clear. Humidity: 55%. Dew Point: 7.0°C. Pressure: 30.12 in 1020 hPa (Steady). 11:55 magnuse whoa! 11:59 drojf nice 11:59 drojf magnuse: are you going to the hackfest? 12:02 magnuse sadly, no 12:02 magnuse ooh, dev meeting in ~1 hour? 12:03 magnuse https://wiki.koha-community.org/wiki/Development_IRC_meeting_22_February 12:03 drojf i keep missing those 12:03 drojf or not knowing of them 12:04 drojf somebody should invent a thing where all days are listed and you enter what stuff you want to do 12:04 magnuse ooh, sounds like a clever idea 12:05 magnuse you should patent it! 12:05 drojf then i only need somebody to look at it once in a while and tell me what it says 12:06 magnuse even better! 12:11 marcelr hi #koha 12:12 drojf oh 12:12 drojf nevermind 12:12 drojf hi marcelr 12:12 marcelr hey drojf 12:15 drojf i get this, any ideas what it means?`http://paste.koha-community.org/323 12:16 drojf trying to get it working with newer catmandu and stuff 12:17 Joubu drojf: I did not get this one, but got errors in ES log because I was using Catmandu::Store::ElasticSearch instead of Catmandu::Store::Elasticsearch 12:17 Joubu S vs s 12:18 drojf hm yes i think i saw something like that before 12:31 * druthb waves blearily. 12:31 francharb good morning all 12:33 * LibraryClaire waves 12:38 oleonard Hi all 12:39 LibraryClaire hi oleonard 12:40 druthb g'morning, oleonard. :) 12:46 eythian hi oleopard 12:49 LibraryClaire wahanui? 12:49 LibraryClaire :O 12:49 drojf ding dong the bot is dead 12:49 LibraryClaire I thought it was too quiet 12:49 oleonard wahanui is having a poolside beer with rangi right now 12:51 drojf why don't we have a pool bar for meetings? 12:51 * druthb seconds drofj's idea 12:51 * druthb pokes at her keyboard, and tries again: drojf. 12:52 drojf druthb! 12:52 druthb drojf! 12:52 drojf :) 12:52 drojf now i forgot what i was going to do because pool 12:55 jajm hi #koha 12:55 marcelr hi jajm 12:56 jajm marcelr, i think i'll be able to qa 18070 today :) 12:56 marcelr ok that would be very nice :) 13:02 marcelr hey kidclamp 13:02 kidclamp hi marcelr 13:02 marcelr are you chairing the meeting? 13:03 kidclamp if tcohen isn;t here I suppose so 13:03 * LibraryClaire waves 13:03 marcelr where is tcohen when you need him ;) 13:03 kidclamp #startmeeting Development IRC meeting 22 February 13:03 huginn Meeting started Wed Feb 22 13:03:58 2017 UTC. The chair is kidclamp. Information about MeetBot at http://wiki.debian.org/MeetBot. 13:03 huginn Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 13:03 huginn The meeting name has been set to 'development_irc_meeting_22_february' 13:04 kidclamp #topic Introductions 13:04 oleonard [off] Yay I'm actually here for a meeting! 13:04 marcelr #info Marcel de Rooy, Rijksmuseum 13:04 kidclamp #info Nick Clemens, ByWater Solutions 13:04 cait #info Katrin Fischer, BSZ, Germany 13:04 oleonard #info Owen Leonard, Athens County Public Libraries, USA 13:04 LibraryClaire #info Claire Gravely, BSZ, Germany 13:04 jajm #info Julian Maurice, BibLibre, France 13:04 Joubu #info Jonathan Druart 13:04 drojf #info Mirko Tietgen, Berlin, Germany 13:05 benjamin #info Benjamin Rokseth , Oslo, Norway 13:05 kidclamp #topic Announcements 13:05 marcelr I have two small 'announcements' 13:06 marcelr The first is: Three sec patches are still pending: 18010, 18019 in NSO and 18124 in SO. 13:06 d_antonakis #info Dimitris Antonakis, Athens, Greece 13:06 marcelr 18124 is from Joubu, the other two from me 13:06 marcelr and second: 13:06 marcelr On the auth merge front I am hoping for a QA of 18070 from Julian maybe today and I will submit the next patch set 9988 very soon. Will be the last fundamental change to merge in this series. After that some smaller things left. 13:06 kidclamp #info three security patches need attention: 18010, 18019, 18124 13:07 marcelr So hope for some feedback then 13:07 kidclamp #info Authority merge set needs QA on 18070 - is waiting for patch on 9988 (coming soon) and then fundamental changes will be done 13:07 kidclamp thanks marcelr 13:08 kidclamp Lets ping khall and see if we have release announcements 13:08 barton #info Barton Chittenden, BWS, Louisville KY 13:09 kidclamp skipping 17.05 for now 13:09 kidclamp #topic Updates from the Release Maintainers 13:09 kidclamp cait? 13:09 cait yes? 13:09 cait ah 13:09 cait sorry, was looking at the bugs :) 13:09 cait #info 16.011.04 was reeleased today, it includes 3 enh and 41 bugfixes 13:10 cait I think we killed a lot of bad bugs with this one, getting it nice and stable 13:10 kidclamp cait++ 13:10 marcelr cait++ 13:10 cait hope there is not much more to be found :) 13:10 druthb cait++ 13:11 cait that's it basically 13:11 druthb #info D Ruth Bavousett, no one of consequence 13:11 cait i plan to stick to schedule for the next one as well 13:11 cait that's it from me :) 13:11 kidclamp any updates jajm or mtj? 13:12 kidclamp thanks cait 13:12 kidclamp #topic Updates from the QA team 13:12 kidclamp no Joubu today? 13:12 Joubu yep 13:13 barton [aside] /me notes that druthb *is* of consequence; he uses her scripts often ;-) 13:13 kidclamp ah, ops list :-) 13:13 jajm kidclamp, 3.22.17 was released on monday, but nothing special with this release :) 13:13 Joubu I have things to highglitht, but for next topic 13:13 druthb [aside] /me thanks barton 13:13 Joubu I need help to QA patches, nothing new, nothing else... 13:13 kidclamp #info 3.22.17 was released monday 13:14 kidclamp #info Keep QAing please and watch the queue doesn't get too big 13:14 marcelr 65 now 13:14 kidclamp #topic General development discussion (trends, ideas, ...) 13:14 kidclamp go for it Joubu 13:15 Joubu So, 5 things to highlight: 13:15 Joubu 1. As we now have marcxml out of bibitems, we need bug 17898, which is really easy to test 13:15 * drojf queues in line 13:15 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17898 enhancement, P5 - low, ---, jonathan.druart, Needs Signoff , Add a way to automatically convert SQL reports 13:15 Joubu 2. Bug 17961 should be very easy to test and QA, it just adds tests. Please make it move forward quickly 13:15 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17961 enhancement, P5 - low, ---, jonathan.druart, ASSIGNED , TT syntax for notices - Prove we have an equivalent for our historical custom syntax 13:15 * kidclamp queues behind drojf 13:15 marcelr still assigned 13:15 Joubu see deps 13:15 magnuse #info Magnus Enger, Libriotech, Norway 13:15 Joubu it's an omnibus 13:15 Joubu 3. bug 16846 is a big one, but should be interesting to get it in. We will manipulate patron object (almost) everywhere 13:15 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=16846 enhancement, P5 - low, ---, jonathan.druart, ASSIGNED , Move patron related code to Koha::Patron 13:16 kidclamp #info please test 17898, convertin greports after marcxml move 13:16 Joubu still assigned, no patches, too many deps, but there is a remote branch with evrything on it 13:16 kidclamp #info bug 17961 adds test, please test and qa 13:16 Joubu 4. Hea has been moved to another server, I will be able to access it to clean the DB and upgrade the code. It would be great to get somebody involves on bug 18066 13:16 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18066 enhancement, P5 - low, ---, jonathan.druart, Needs Signoff , Hea - Version 2 13:16 Joubu And finally, 5. We need testers from different countries for the onboarding tool ft (bug 17855 and bug 18039). I provided patches for 18039 and will QA 17855. Cannot test 18039 13:16 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17855 enhancement, P5 - low, ---, alexbuckley, Signed Off , Updated Koha web installer and new onboarding tool feature to guide users through setting up Koha 13:16 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18039 enhancement, P5 - low, ---, jonathan.druart, Needs Signoff , Move the mandatory and optional files for non-english languages into 'default' directory so bug 17855 permits use of other languages 13:16 kidclamp #info bug 16846 move to Koha::Patron - dependency tree needs help 13:16 marcelr bug 18039 13:17 oleonard I started to test 18066 Joubu, but ran out of time. I hope to take another crack at it 13:17 cait i will try to test the german installer for the onboarding tool 13:17 magnuse oleonard++ 13:17 Joubu Nothing really, I highlight these things in the last 2 "what's on in koha-devel" email, but do not get help 13:17 cait but bit short of time for the next 2 weeks 13:17 kidclamp #info bug 17855 and 18039 Onboarding tool needs broad testing from different countries 13:18 LibraryClaire I can take a look at the 17898 13:18 Joubu About the lang isntaller, we may need to discuss about removing ru-RU and uk-UA... 13:18 marcelr they seem unsupported 13:19 marcelr send a mail to the list? 13:19 marcelr and remove them? 13:19 marcelr you can still find them in git, update them and get them back in later 13:19 Joubu yep 13:20 cait i think maybe send an email to the translate list 13:20 cait the translations I think are maintained 13:20 cait i tmight lack someone comfortable with git 13:20 cait would not be nice to break it for them - what's he problem? 13:20 cait coudl we restructure to bring it in line with the other installers? 13:20 Joubu #info bug 14302 has a patch, to kick GRS-1 related code 13:20 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=14302 enhancement, P5 - low, ---, jonathan.druart, Needs Signoff , Remove GRS1 indexing related code 13:21 marcelr cait: if they are half english, why keep them? 13:21 cait why not keep them? 13:21 kidclamp #info discussion on maintenance/removal of ru-RU and uk-UA as they seem unsupported 13:21 marcelr because no one maintains them 13:21 cait if there is a bit translated, it's still helping 13:21 cait i can read a bit of russian 13:21 cait i can try to take a look 13:22 Joubu IIRC They were broken for a while, and nobody complained (ok it's not a valid reason) 13:23 Joubu The other way around is to push the onboarding patches and test the feature after it's in... 13:23 * Joubu is hidden already 13:23 cait i can still see you! :) 13:24 marcelr yeah Joubu: why not dismiss the qa team 13:24 Joubu Yesterday Alex suggested to push it for English, then push it for other languages 13:24 cait the problem was that it breaks the ohter languages 13:24 Joubu to me it's not really acceptable to have a feature for English only 13:24 cait yeah 13:24 Joubu nobody will care for others for sure 13:24 cait so that's a big regression 13:24 cait maybe we can give it a bit more time? 13:24 Joubu if can still if else... 13:25 Joubu we can still if else... 13:25 cait if else? 13:25 Joubu if english: onboarding 13:25 Joubu else: no onboarding 13:25 cait ah 13:26 cait it hink we should offer it for all languages 13:26 drojf for all but english 13:26 cait as a goal - still time until release 13:26 drojf sorry 13:26 kidclamp need a vote or still discussion and waiting? I think maybe we should send something to list 13:26 Joubu it's on bug 17855 comment 166 (last one) 13:26 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17855 enhancement, P5 - low, ---, alexbuckley, Signed Off , Updated Koha web installer and new onboarding tool feature to guide users through setting up Koha 13:26 cait can we postpone it till next meeting? 13:26 kidclamp agreed 13:26 cait and see if it gets tested until then? 13:26 Joubu I sent something on the list already... 13:27 kidclamp indded you did :-) 13:27 Joubu yes, move on 13:28 kidclamp drojf? 13:28 drojf oh 13:28 * drojf panics 13:28 drojf i tried to backport/build all packages related to elasticsearch in koha. that includes getting libsearch-elasticsearch-perl into debian, backporting libcatmandu-perl 1.03* from debian unstable, packaging libcatmandu-store-elasticsearch-perl (not in debian yet) and some dependencies 13:28 drojf i had to change the package dependencies for some of the backports to make them work in debian jessie. i have emailed the maintainer to check if that may have any negative consequences, i don't think it does. they were build dependencies and the build worked anyway 13:28 drojf i have not uploaded it yet and i wonder if it makes sense to put it in a separate repository first. it could break dev setups and it might be nicer to have a choice 13:29 drojf i tried a koha + ES setup with it and indexing gave an error. it may or may not have anything to do with the packages. i have not investigated a lot. http://paste.koha-community.org/323 13:29 oleonard [aside] drojf types fast when he panics 13:29 drojf i do 13:29 drojf :D 13:29 kidclamp #info discussion on onboarding tool - will table to next meeting to decide if push with english first and other langugages as they are tested or how to proceed 13:29 druthb [aside] /me chuckles 13:30 drojf that's all from me 13:30 drojf [aside] aside is the new off? 13:31 oleonard [off] Testing required. 13:31 kidclamp #info Mirko is working on packaging ES dependencies but has hit an error or two - investigating as a separeate repository until all wrinkles ironed out 13:31 kidclamp #link http://paste.koha-community.org/323 Error Mirko encountered 13:31 kidclamp thanks Joubu drojf 13:32 kidclamp I just had a quick thing, working on facets a buit with elastic and hit some snags while trying to change language codes into display values 13:32 kidclamp I wondered if anyone had any thoughts on storing the display values in elastic when indexing as opposed to feteching them from codes when displaying 13:33 Joubu You do not want to store the display values 13:33 kidclamp why? 13:33 Joubu if they change, you will have to reindex everything 13:33 kidclamp hmm...true 13:33 kidclamp how often do they change :-) 13:34 eythian kidclamp: you'll have to deal with multiple languages too 13:34 kidclamp ah, if they use translations, fair point 13:34 Joubu They should not change so often, but I do not think it's something to do 13:34 Joubu It's the same for other AVs 13:35 kidclamp good points all, thnak you - had only breifly thought so far 13:35 Joubu kidclamp: do you have a bug number to follow? 13:35 kidclamp will be followup to bug 17169 to add language facets 13:35 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17169 enhancement, P5 - low, ---, nick, Failed QA , Add facets for ccode to elasticsearch 13:36 kidclamp but language tables are ugly 13:36 Joubu yes they are... 13:37 kidclamp that is all for me 13:37 Joubu kidclamp: last time I played with that it was for bug 17762 13:37 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=17762 enhancement, P5 - low, ---, jonathan.druart, Signed Off , Ability to translate notices 13:37 cait how would new ones get added? 13:37 cait i mean, where do you get the descriptons to feed into elastic? 13:37 Joubu There may be some things to help you 13:37 kidclamp #info kidclamp will followup 17169 with language facets 13:37 kidclamp currently they come from language tables cait 13:37 cait ah 13:37 kidclamp thanks Joubu 13:38 cait there was a bug somewhere to move those out of the db 13:38 cait there is no way for people to add translations there easily and htey are very incomplete 13:38 kidclamp ah, I briefly remember that 13:38 kidclamp I don't think we have guidleines to review today 13:38 cait i thik i'd prefer something that stores the language display text in a translatable file 13:38 Joubu bug 12017 13:38 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=12017 enhancement, P5 - low, ---, bgkriegel, Patch doesn't apply , Move language description out of database 13:39 kidclamp #info bug 12017 may help with language code/display issues and solve other issues 13:40 kidclamp next meeting? 13:40 kidclamp or anyone else for discussion? 13:40 Joubu tcohen: tooooolate 13:40 kidclamp tcohen maybe :-b 13:41 marcelr tcohen: quickly introduce yourself 13:41 tcohen hi 13:42 tcohen #info Tomas Cohen Arazi 13:42 * tcohen is sick today, but here hehe 13:42 druthb [aside] applauds 13:43 kidclamp #topic Next meeting 13:43 kidclamp reviewing survey last meeting we think 19UTC may be better than 20, any opposition or support? 13:43 tcohen support 13:44 oleonard support 13:44 marcelr if we go to 13utc the time after 13:44 LibraryClaire marcelr they alternate :) 13:44 marcelr yes 13:44 kidclamp yes 13 works well for many of us :-) 13:44 marcelr i know 13:44 khall ack, missed everything ; ) 13:45 kidclamp heh 13:45 kidclamp once we set date you can comment khall 13:45 kidclamp March 8, 19 UTC? 13:45 LibraryClaire 8th March 19 UTC? 13:45 * LibraryClaire is too slow 13:46 kidclamp LibraryClaire++ 13:46 kidclamp +1 13:47 cait +1 13:47 oleonard +1 13:47 Joubu +1 13:47 barton +1 13:47 kidclamp #info Next meeting Wednesday, 8th March 19 UTC 13:47 kidclamp [aside] before the torrent of downvotes :-D 13:48 kidclamp #topic Update from the Release manager (17.05) 13:48 kidclamp khall? 13:48 khall Nothing too noteworthy to bring up 13:48 khall Enhanced overdrive integration has been pushed to master! 13:49 kidclamp #info Overdrive integration pushed 13:49 khall that's the only big thing I can think of 13:49 * oleonard is getting an error related to that... Will bring it up after the meeting 13:49 kidclamp thnaks khall 13:50 kidclamp last call? 13:50 kidclamp #endmeeting 13:50 huginn Meeting ended Wed Feb 22 13:50:35 2017 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) 13:50 huginn Minutes: http://meetings.koha-community.org/2017/development_irc_meeting_22_february.2017-02-22-13.03.html 13:50 huginn Minutes (text): http://meetings.koha-community.org/2017/development_irc_meeting_22_february.2017-02-22-13.03.txt 13:50 huginn Log: http://meetings.koha-community.org/2017/development_irc_meeting_22_february.2017-02-22-13.03.log.html 13:50 kidclamp thanks all 13:50 marcelr thx kidclamp 13:50 LibraryClaire kidclamp++ 13:51 drojf can anyone tell me what versions of Catmandu and Catmandu::Store::Elasticsearch are used in kohadevbox? (or libcatmandu-perl and libcatmandu-store-elasticsearch-perl, but i think tcohen said they are cpan'd) -- kidclamp or Joubu maybe 13:52 tcohen drojf: they are cpaned 13:52 Joubu drojf: are you running the last version of kohadevbox? 13:52 drojf tcohen: ah yes i typed that before you came in :D so it's the latest version from cpan? 13:52 Joubu and recreated one fresh box? 13:52 drojf Joubu: i am not running it at all 13:52 drojf i just want to know what versions you use :) 13:52 tcohen if you choose elasticsearch_version: '5.' 13:53 Joubu ok, so you need Catmandu::Store::ElasticSearch 13:53 Joubu not minus s[earch] 13:53 Joubu just what I said before the meeting 13:53 tcohen vagrant@kohadevbox:tmp$ pmvers Catmandu 13:53 tcohen 1.0305 13:53 tcohen vagrant@kohadevbox:tmp$ pmvers Catmandu::Store::ElasticSearch 13:53 tcohen 0.0504 13:53 drojf thanks tcohen that is what i was looking for 13:54 tcohen kohadevbox uses the packaged ones if elasticsearch_version = 1.x 13:54 tcohen just saying 13:54 tcohen not sure what are you trying to do 13:54 oleonard I'm getting an error in master when logging in to the staff client: "DBIx::Class::Storage::DBI::_dbh_execute(): Unknown column 'me.overdrive_auth_token' in 'field list' at /home/vagrant/kohaclone/Koha/Objects.pm line 83" 13:55 oleonard Looks like a db update didn't run? I tried running updatedatabase manually and it didn't trigger anything. 13:55 drojf tcohen: http://irc.koha-community.org/koha/2017-02-22#i_1910250 13:55 drojf i wanted to know if it is a problem with the version numbers. but the packaged ones are similar 13:55 kidclamp restart memcached and run update? 13:55 oleonard Ah good point I didn't try that 13:56 drojf i use 1.7 though 13:56 drojf maybe it works with 5.x 13:56 drojf ES that is 13:56 oleonard kidclamp++ 13:56 * kidclamp shakes fist at memcached 14:04 tcohen drojf: could you evaluate packaging Mojo::JWT? 14:09 drojf tcohen: dpkg-deb: building package `libmojo-jwt-perl' in `../libmojo-jwt-perl_0.05-1_all.deb' 14:09 drojf seems to work ok 14:09 drojf no weird dependencies 14:10 drojf tcohen: for which bug? 14:12 tcohen @wunder cordoba, argentina 14:12 huginn tcohen: The current temperature in Cordoba, Argentina is 28.0°C (11:00 AM ART on February 22, 2017). Conditions: Partly Cloudy. Humidity: 70%. Dew Point: 22.0°C. Pressure: 29.95 in 1014 hPa (Steady). 14:13 tcohen drojf: I haven't filed it yet 14:13 magnuse @wunder enbo 14:13 huginn magnuse: The current temperature in Bodo, Norway is -4.0°C (2:50 PM CET on February 22, 2017). Conditions: Mostly Cloudy. Humidity: 64%. Dew Point: -10.0°C. Windchill: -10.0°C. Pressure: 28.80 in 975 hPa (Steady). 14:14 tcohen but basically adding and authentication endpoint 14:14 tcohen for third parties to consume our API 14:15 drojf tcohen: ok. the package seems easy to do. if you choose to use it tell me and i can open a bug at debian 14:15 tcohen drojf: please do :-D 14:15 drojf i don't want to maintain stuff that does not go into koha in the end :D so better use it then :P 14:18 tcohen fair enough 14:20 Joubu tcohen: What about the *£%ù# jenkins badges? 14:22 Joubu 16.11.x says Clover Code Coverage - 57.8% method 5212/6417, conditional 8281/20570, statement 27361/43689. 14:22 Joubu Master says Clover Code Coverage - 25.3% method 3203/5515, conditional 1329/18644, statement 11371/38665. 14:23 Joubu sounds weird... 14:23 Joubu ... and buggy 14:24 druthb @wunder 77098 14:24 huginn druthb: The current temperature in Montrose, Houston, Texas is 15.8°C (8:17 AM CST on February 22, 2017). Conditions: Clear. Humidity: 70%. Dew Point: 11.0°C. Pressure: 29.90 in 1012 hPa (Rising). 14:25 drojf Joubu: you need libtemplate-stash-autoescaping-perl for 13618? or you use a custom version? i am not sure if i understand the bug correctly 14:26 Joubu drojf: it does not work 14:26 Joubu the idea was to use a custom version, lighter 14:26 Joubu ... and buggy 14:26 Joubu :) 14:26 drojf ah ok you are removing it. my brain read the patch backwards. lol 14:26 Joubu I am stuck with this one 14:26 * drojf blames no coffee 14:30 kellym heybywater we are training at Hudson County Community 14:30 khall hi kellym! 14:30 kidclamp Hi Kellym 14:31 kellym hi kidclamp 14:31 jzairo hi kellym 14:31 kivilahtio ashimema: I understand now why you didn't find the x-koha-authorization in the Swagger-spec such a good idea. Looking at http://swagger.io/specification/#scopesObject 14:31 kivilahtio I don't remember seeing this when I first started working with Swagger2 14:32 ashimema lol 14:32 kivilahtio ashimema: But looks like tehre is now a standard way of defining what permissions endpoints need and what permissions are available in the API 14:32 ashimema indeed 14:32 kivilahtio which is realyl nice 14:32 ashimema there has been for years mate.. that's what I was trying to get accross ;) 14:32 kivilahtio really? 14:32 kivilahtio I might have missed this because I completely tried to avoid any OAuth stuff back then 14:33 ashimema the oath scopes stuff has been there since I first started working with swagger ;) 14:33 kivilahtio ashimema: ok 14:33 kivilahtio ashimema: this is almost 100% what we have in Koha now. 14:33 ashimema I'm close to having an oath patch.. been fixing the library for the last week 14:33 kivilahtio ashimema: well. We'll look into replacing x-koha-permission with this 14:33 kivilahtio ashimema: what exactly does your OAuth2-patch do? 14:34 kivilahtio ashimema: I am looking into implementing a OAuth2 password-grant flow? 14:34 kivilahtio a very simplistic version without the authorization server component 14:34 ashimema it'll do all four flows ;) 14:34 ashimema and use JWT for transport.. 14:34 ashimema will also allow for revoking of jst's using jti identifiers 14:34 kivilahtio ashimema: how did you manage to get JWT into OAuth2? 14:35 ashimema also.. tcohen is working on a first step to jwt auth route in koha's api whilst I'm still bashing this end out 14:35 kivilahtio ashimema: are you using it as the access_token? 14:35 ashimema easy.. the library supports it natively.. you just have to be sensible in your callbacks 14:36 ashimema access and refresh tokens are both jwt (I've not worked out how to do one but not the other) 14:36 kivilahtio ashimema: according to the spec, if you get the access_token, you must use it in the Authorization: Bearer <JWT> 14:36 tcohen https://snag.gy/elLOCN.jpg 14:36 ashimema I would prefer an opaque refresh token I think.. though there's no real justification behind that 14:36 kivilahtio ashimema: you dont need much info in the refresh token? 14:36 ashimema yeah.. that's where it goes 14:37 ashimema nice owkr tcohen :) 14:37 kivilahtio tcohen: nice work 14:37 kivilahtio tcohen: your token endpoint is even the same as mine :) 14:37 ashimema my oauth is still a little way behind this.. working through amendments to the library has been time consuming 14:37 kivilahtio I have it drawn right here on my sheets 14:37 drojf tcohen: ok it seems that Mojo::JWT brings a lot of happiness to people ;) 14:38 tcohen hahah 14:38 * ashimema would impliment on oauth/token and oauth/authorize endpoints.. so there would be no collisions ;) 14:38 kivilahtio drojf: I am concerend about how to revoke it 14:38 kivilahtio ashimema: that is what you must do? 14:38 ashimema kivi.. you keep a copy of the jti and revoke that 14:38 kivilahtio ashimema: I speced it to /api/v1/auth as the authorization endpoint 14:38 kivilahtio ashimema: then /api/v1/auth/token as the token endpoint 14:39 ashimema what I do is keep a copy of the jti in the db, then short cache that so it's fast to lookup 14:39 kivilahtio ashimema: what do you mean short-cache? 14:39 kivilahtio ashimema: in memcached? In Mojo cache? 14:41 kivilahtio ashimema: tcohen: so is there anything I can do to help you out? 14:42 ashimema in my case I memcache it and then ensure I destroy that cache when you call revoke 14:42 kivilahtio I need to implement OAuth2 Password grant 14:42 kivilahtio ashimema: tcohen: I presume you are using Koha as the authorization server as well as the resource server? 14:42 * ashimema is currently working on all this.. explaining it is harder than just writing it and showing you ;) 14:42 tcohen kivilahtio: yes 14:43 tcohen it is a simple implementation to allow use of the API by third parties 14:43 ashimema tcohens stuff is a great first step.. my aim is a followup with the rest of the stack 14:43 tcohen ashimema is working on a proper OAuth2 server implementation using the Mojo plugin 14:43 kivilahtio tcohen: have you already done the Swagger-spec changes to change x-koha-auth to use the OAuth claims? 14:44 tcohen kivilahtio: nope, and I won't for now 14:44 kivilahtio tcohen: maybe we can do that 14:44 ashimema that will come with oauth 14:44 kivilahtio ok 14:44 * ashimema goes back to working on it instead of talking aobut it ;) 14:44 kivilahtio ok ok 14:44 kivilahtio ashimema: any idea when you have something to sign off? 14:45 ashimema weeks not days from now.. at least.. 14:46 ashimema I'm working on oauth from 3 directions at the moment.. implimenting it in a pure mojo app we already have running.. using that for testing and clarifying understanding.. submitting bugfixes upstream to the oauth plugin and net::oath2::server distribution.. and then it'll be the koha piece 14:46 kivilahtio ashimema: sounds about what I was going to do 14:46 ashimema koha's got the most moving parts.. so i wanted to make sure I fully understood auth and the plugin before attacking the koha end 14:46 kivilahtio ashimema: I won't keep you from it then 14:46 kivilahtio me too 14:46 kivilahtio it is really confusing 14:47 ashimema well.. i'm roughly half way through.. so not on the koha bit yet.. writing the oauth lib patches and working with Lee allot at the moment 14:47 kivilahtio <tcohen> it is a simple implementation to allow use of the API by third parties 14:47 kivilahtio Doesnät Koha laready have a simple auth implemetnation? 14:48 kivilahtio tcohen: https://github.com/KohaSuomi/kohasuomi/blob/kohasuomi3.16/api/v1/swagger/paths/auth.json#L46 14:48 kivilahtio hmm 14:48 kivilahtio tcohen: maybe that never was shared with the community 14:48 tcohen i think you filed a bug, or was Julian 14:49 kivilahtio we have been using that simple username + password endpoint to get the CGISESSID via the API 14:49 tcohen but you made it dependent on a major Auth.pm rewrite 14:49 kivilahtio ah yeah, now I remember 14:49 kivilahtio :) 14:50 kivilahtio tcohen: you can kopypaste our code :) 14:50 kivilahtio tcohen: actually the problem we have with this endpoint is the IP protection on the CGISESSID 14:51 kivilahtio the national OPAC has a load balancer which sends requests from a pool of incoming IP-addresses 14:51 kivilahtio so we need to figure out a way to authenticate securely without locking the session to IP 14:54 tcohen kivilahtio: you need to use my token-based authentication 14:54 kivilahtio tcohen: what do you mean? 14:54 kivilahtio tcohen: where is that 14:55 kivilahtio tcohen: or do you mean the work-in-progress -one? 14:55 tcohen that one, yes 14:56 tcohen i will try to attach it to a bug report, probably tomorrow once I get out of bed 14:56 kivilahtio nice 14:57 tcohen it is a small, not-perfect, implementation that allows creating a JWT to be used in a Bearer Authorization header 14:57 kivilahtio tcohen: is it based on Mojolicious? 14:57 kivilahtio Mojo::JWT 14:57 kivilahtio I guess so 14:58 eythian kivilahtio: what's wrong with using IP affinity on your load balancer? 14:58 pastebot "tcohen" at 127.0.0.1 pasted "{ "/auth/token": { "post": { "" (48 lines) at http://paste.koha-community.org/324 14:58 eythian or maybe persistance, but swings/roundabouts 14:58 kivilahtio tcohen: I was planning on having the API-client authorization as a Authorization: Basic <client apikeydigest>, <end-user crednetials JWT> 14:59 kivilahtio eythian: their load balancer 14:59 kivilahtio eythian: I don't know 14:59 eythian ah right 14:59 kivilahtio eythian: quite frankly I havenät thought about that 15:00 kivilahtio tcohen: I think we need to somehow have two credentials in the API request. One from the client, as the Basic-auth, and one from the end-user (Bearer JWT)whose credentials are used by the client 15:01 kivilahtio tcohen: well I don't really know. That was something I was hoping for. 15:01 kivilahtio tcohen: This way you can see from the request that there is a client who is using the api with somebody elses credentials 15:01 kivilahtio I think that is important 15:02 kivilahtio eythian: I wonder can we use IP affinity on their load balancer? 15:03 tcohen kivilahtio: i don't follow 15:03 tcohen not my best day, though 15:03 kivilahtio tcohen: me neither :) 15:03 eythian kivilahtio: you'll need to do your own research to see if it suits, but it's a way of avoiding some of the session issues that can happen with load balancing 15:03 kivilahtio maybe ashimema can comment on requiring both the client API Basic auth and the end-user Bearer JWT 15:04 eythian https://imgflip.com/i/1k4jiu <-- tcohen 15:04 tcohen hahaha 15:05 kivilahtio C4::Search isnt that bad :) 15:05 kivilahtio I had to tweak it a bit 15:05 kivilahtio but it takes some years to get used to 15:05 kivilahtio :) 15:06 tcohen kivilahtio: my idea is that the API consumer has API credentials it can use through the /auth/token endpoint to get a JWT (generated by Koha) that it will use in further calls to the API as a Bearer in the Authorization header 15:06 kivilahtio I am fearful that the new Koha::SearchEngine might not be any better in the end. The problem is that you can never get rid of complexity by refactoring. You can only hide it better :) 15:07 kivilahtio tcohen: are you speaking of the Client credentials grant type? 15:07 tcohen sort of 15:07 kivilahtio sort of :) 15:08 tcohen i mean, i'm implementing that 15:08 kivilahtio ok 15:08 kivilahtio tcohen: so you have a explicit strong trust use-case 15:08 tcohen yes 15:09 kivilahtio tcohen: I don't want to give the API consumer itself any other permission that to use another users credentials to do stuff 15:09 tcohen my only problem is that as we have a strong trust use-case, what is the point of such complexity 15:09 kivilahtio tcohen: well this is just a glorified basic auth with Authorization: Basic API-consumer-id.api_secret 15:10 tcohen it is 15:10 tcohen that's why I'm in doubt about it 15:10 kivilahtio tcohen: I have to agree this OAuth2 is complex 15:10 kivilahtio tcohen: but if you think of the access_token as the CGISESSID equivalent 15:10 kivilahtio this doenst look so bad 15:10 kivilahtio and you upgrade the CGISESSID with JWT 15:11 tcohen that was the original idea 15:11 kivilahtio I guess the good thing is that there is a standard w ecan say our API follows 15:11 tcohen i'm hoping to see ashimema's Oauth2 implementation soon to QA it 15:12 tcohen in the meantime, we can have /auth/token and /auth/session 15:12 tcohen if you want ot 15:12 kivilahtio tcohen: this Client Credentials Grant is just password+username login using the shared secret 15:12 kivilahtio so it is good to havea formal recognition on it 15:12 kivilahtio tcohen: I think it would be better to have everything under OAuth2 15:13 kivilahtio tcohen: because the /auth/session is just a simple version of Resource Owner Password Credentials Grant 15:13 kivilahtio or is it? 15:14 kivilahtio hmm. looks like according to RFC6749 that the Authorization: Basic czZCaGRSa3F0MzpnWDFmQmF0M2JW is needed 15:14 marcelr thx jajm++ 15:14 kivilahtio so this would imply that this "Resource Owner Password Credentials Grant" can only be used with a shared api_secret 15:15 kivilahtio so then it would be different from the plain username+password in /auth/session 15:15 eythian kivilahtio: that contains a password, if that was a real password, you probably want to be changing it 15:15 kivilahtio eythian: thanks for the tip 15:15 kivilahtio https://tools.ietf.org/html/rfc6749#section-4.3.2 15:15 kivilahtio you can find the password from here :) 15:15 eythian hah 15:15 eythian as you were then :) 15:15 kivilahtio eythian: thank you for the warning tho! 15:16 jajm marcelr, np, tell me when other authority bugs await QA ;) 15:16 marcelr cool 15:16 marcelr i am struggling with 9988 15:16 marcelr but will be ready soon 15:16 eythian https://dhavalkapil.com/blogs/Attacking-the-OAuth-Protocol/ <-- while you're looking into oauth, this popped up the other day :) 15:19 kivilahtio eythian: just what I needed 15:19 kivilahtio eythian: I was kinda thinking that phew. I am getting things under control 15:19 eythian happy to help ;) 15:23 tcohen Joubu: coverage is wrong because the run died due to missing dep (WebService/ILS/OverDrive/Patron.pm 15:23 tcohen ) 15:25 kivilahtio tcohen: ashimema: How do you intende to register the API consumer (client) in Koha? 15:25 kivilahtio https://tools.ietf.org/html/rfc6749#section-2 15:25 kivilahtio I was planing on using the borrowers-table 15:26 kivilahtio Since there already is the api_key-table with borrowers 15:26 kivilahtio or atleast that is what jajm created when we were pushing the first patches 15:26 kivilahtio and I finalzied into somethin nice 15:26 kivilahtio This way every user in our library can make their own API key from OPAC 15:27 kivilahtio and start consuming our API with the permissions they have 15:27 kivilahtio I think this is great! 15:27 kivilahtio And this is one of the marketing things I use here to sell our API 15:27 kivilahtio that everyone can write thei own app to interact with Koha 15:27 tcohen kivilahtio: my plan is to resurrect those patches this week 15:28 tcohen stripping the Auth refactoring stuff 15:28 tcohen and have /auth/token use that table 15:28 tcohen to get the key/secret stuff 15:29 kivilahtio tcohen: dont hesitate to steal from here 15:29 kivilahtio https://github.com/KohaSuomi/kohasuomi/blob/kohasuomi3.16/opac/opac-apikeys.pl 15:29 tcohen kivilahtio: yes, that's on the bug, at least some version of it 15:29 kivilahtio it is important to use the Koha::ApiKeys 15:29 tcohen you asked what you could help with 15:29 kivilahtio instead of having all the code in the opac/opac-apikeys.pl 15:29 tcohen go remove the deps on the rewrite from Koha::ApiKeys 15:30 kivilahtio tcohen: good idea 15:30 kivilahtio tcohen: I can port this feature to latest master soon 15:30 tcohen bug 13920 15:30 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13920 new feature, P5 - low, ---, julian.maurice, In Discussion , API authentication system - proposal 15:31 tcohen and remove the V1.pm changes 15:31 tcohen just leave the CRUD 15:33 tcohen hm, it seems we only need to use Julian's patch 15:33 kivilahtio tcohen: yup 15:34 tcohen 38ºC, better than earlier :-D 15:36 jajm tcohen, kivilahtio, if you plan to resurrect bug 13920 i should warn you that there were strong opinions against it (iirc the main one was "don't write your own auth system, and use OAuth") 15:36 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13920 new feature, P5 - low, ---, julian.maurice, In Discussion , API authentication system - proposal 15:36 kivilahtio jajm: thanks for the warning 15:36 kivilahtio jajm: I agreee 15:36 kivilahtio jajm: Now we are using OAuth :) 15:36 jajm okay, cool :) 15:37 kivilahtio jajm: also I think we can get rid of the API key digest algorithm and use basic auth 15:37 kivilahtio because all traffic is via https 15:37 kivilahtio so just send the api_key and api_username plaintext in the Authorization-header 15:37 kivilahtio I guess this is what is intended in the OAuth2 spec 15:38 kivilahtio ""[17:36:47] <kivilahtio> jajm: Now we are using OAuth :) "" I meant we are moving to OAuth, not using it atm 15:41 kivilahtio jajm: tcohen: what do you think about changing the Swagger2-spec to YAML? 15:41 kivilahtio It is much much easier to read and edit in YAML 15:42 kivilahtio https://github.com/KohaSuomi/Hetula/blob/master/Hetula/public/api/v1/swagger/swagger.yaml 15:42 tcohen if I had time to invest, I'd rather spend it in migrating to OpenAPI 15:43 kivilahtio tcohen: we are already doing that 15:43 kivilahtio tcohen: lari has finished the work on the endpoints already pushed to master 15:43 kivilahtio tcohen: I guess it would have been kinda nice to tell you earlier 15:43 kivilahtio tcohen: we already have a ton of new endpoints lari has done 15:43 kivilahtio just check Lari Taskula in bugzilla 15:43 jajm kivilahtio, i think it's a matter of taste, both formats have pros and cons 15:44 kivilahtio jajm: So far I have far less issues with YAML than JSON. 15:44 kivilahtio jajm: but please share your cons of YAML? 15:46 jajm kivilahtio, what i don't like about yaml is that whitespaces are significant 15:47 tcohen I like YAML, because it is human-readable 15:47 kivilahtio jajm: I feel you. I have found out that it is easier to fix whitespace indentation issues than to find missing ending punctuations 15:47 tcohen for JSON you better use a tool to edit the files 15:47 kivilahtio especialyl the neding pucntuations 15:47 kivilahtio especially the ending punctuations 15:48 kivilahtio but I remember disliking YAML for the whitespace. But hacing used Ansible quite too much, I kinda learned to love YAML 15:52 jajm kivilahtio, also i'm never sure about the types, for instance if you write "key: 42", is 42 a string or an int ? "key: true" string or boolean ? maybe i don't like yaml because i don't know it enough, but JSON is simpler :) 15:52 kivilahtio yeah 15:52 kivilahtio that was really awkward 16:17 LibraryClaire laters #koha 16:29 ashimema there's too much rambling to read back over all of that 16:29 * ashimema was collecting kids from school 16:29 ashimema But.. I think from the skim read that OAuth basically solves all over those issues. 16:30 ashimema please don't add client records to the borrowers table though.. that's a terrible idea 16:30 ashimema the point is that you need to identify all three parties involved in tansactions 16:30 ashimema client, resource and owner 16:30 ashimema Koha is the 'resource'.. or rather all the stuff in it is.. 16:31 ashimema client is whatever system is consuming the api 16:31 ashimema and finally owner is the 'user' that wants to interact with the resource 16:31 ashimema you don't need to have two Auhorization headers at all 16:31 ashimema you need to use an OAuth flow.. 16:32 ashimema for instance.. UserPassword flow as you seem to really like to use as an example 16:33 ashimema you hit the /token endpoint with the username+password of the 'owner' in the query parameters.. but there's nothing in there stopping you from having the client_name and client_password (i.e. client credentials) in the Authorization header as a BASIC auth.. 16:33 ashimema that way you are doing two auths.. 16:34 ashimema the header is being used to authenticated the 'client' is who it says it is.. and then the query parameters are being used to authenticated the 'owner' (i.e. user) that the client wants to act for. 16:34 ashimema you need to keep those parties seperate for the sake of sanity.. 16:34 ashimema oh.. and PasswordAuth is the least secure of all methods.. it should only be allowed as a last resort 16:34 ashimema and... it shouldn't support refresh tokens 16:35 ashimema I think we should be focusing on implimenting Client Credentials Grant, Implicit Grant and Code Grant flows (but once you've done that it's not hard to also support Password Grant.. though I might suggest we don't for security reasons) 16:36 * oleonard has nothing to contribute but waves to ashimema 16:36 ashimema anywho.. the patch will include additional tables for storing clients 16:36 ashimema hi oleonard 16:36 ashimema ^ kivilahtio 16:36 ashimema /,e goes back to cook tea for kids and then will be hacking on OAuth again this evening 16:37 * cait copies oleonard 16:39 kivilahtio ashimema: if the password-grant is mixed with the client basic auth. I think that is very secure 16:39 kivilahtio possibly not as secure as the code-grant since you are redirected to a auth server 16:39 kivilahtio ashimema: but the password-grant implies that the password is coming from a trusted source 16:40 kivilahtio ashimema: I agree that it shoulnd't be used in the wild for public access 16:40 kivilahtio ashimema: I am using it more like in a priviledge escalation manner 16:40 kivilahtio ashimema: And I am planning to support refresh tokens, otherwise our 3rd party will jsut store our users passwords in their db 16:41 kivilahtio ashimema: see the link I posted about borrowers-table -> api_keys-table 16:41 kivilahtio ashimema: https://github.com/KohaSuomi/kohasuomi/blob/kohasuomi3.16/opac/opac-apikeys.pl 16:42 kivilahtio and from tcohen Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=13920 16:42 huginn 04Bug 13920: new feature, P5 - low, ---, julian.maurice, In Discussion , API authentication system - proposal 16:42 kivilahtio ashimema: our users must be able to generate their own API-keys 16:42 kivilahtio ashimema: the SIP2-clients are borrowers-rows, their borrower category is AUTOMAT 16:42 kivilahtio ashimema: in the same fashion non-human API consumers can be AUTOMAT 16:42 kivilahtio ashimema: anyway gotta go home 16:42 kivilahtio wife misses ime 17:15 reiveune bye 17:19 Guest1381 Project Koha_Master_D8 build #118: UNSTABLE in 1 hr 39 min: https://jenkins.koha-community.org/job/Koha_Master_D8/118/ 17:39 gmcharlt @quote random 17:39 huginn gmcharlt: Quote #217: "<slef> maybe I should chew their legs off, then use the sharp bony end to kill kittens...?" (added by mtompset at 03:29 PM, September 26, 2012) 17:39 jls is today a bugfix release date? looked here but no longer seeing the calendar: https://koha-community.org/about/release-schedule/ 17:40 jls just trying to identify why a new issue has surfaced at a few branch libraries.... thanks. 17:45 cait jls: yes, 16.11.04 has been released this morning 17:45 cait I think 16.05 is underway, 3.22 was a few days ago 17:46 jls yes but I thought there was a bugfix release on the 22nd of each month... We aren't scheduled for 16.11 yet. 17:46 jls trying to identify why a local issue has popped up today.... 17:46 cait sometimes the date is a bit off 17:46 cait which version are you on? 17:46 jls 16.05 17:46 jls thanks 17:47 cait ah ok, i think mtj mentioned he was workin gon it this morning 17:47 cait best to watch the mailing list or the koha community website - it will be announced on both 17:47 jls okay 17:47 cait https://koha-community.org/news/ 17:47 cait have to leave - by all! 18:00 drojf bye #koha 20:01 mtompset Greetings, #koha. 20:01 mtompset @seen mtj 20:01 huginn mtompset: mtj was last seen in #koha 12 hours, 31 minutes, and 37 seconds ago: <mtj> congrats cait++ - i am working on a 16.05.x release now 20:06 * druthb waves to talljoy, just because 20:06 talljoy hi!!! 20:06 talljoy how goes things? 20:06 druthb perking along. Wedding in 10 days. 20:07 talljoy oh my gosh 20:07 * magnuse waves to #koha, just because 20:07 talljoy are you going to be staying in houston? 20:07 talljoy or moving to a new love nest/lair somewhere else? 20:07 druthb He's moved into my Lair. :) 20:08 talljoy awesome! 20:08 * druthb waves to magnuse 20:09 * magnuse waves to druthb and talljoy 20:09 talljoy hi magnuse 20:09 magnuse hiya talljoy 20:11 magnuse @wunder enbo 20:11 huginn magnuse: The current temperature in Bodo, Norway is -4.0°C (8:50 PM CET on February 22, 2017). Conditions: Mostly Cloudy. Humidity: 74%. Dew Point: -8.0°C. Windchill: -11.0°C. Pressure: 28.82 in 976 hPa (Rising). 20:16 magnuse it's rather pretty now, with all the snow 22:20 mtompset *sigh* 22:20 mtompset Anyone know why the OverDrive integration into OPAC is giving me an Internal Server Error? 22:21 mtompset Or more accurately, why is it even trying, when I don't have OverDrive enabled? 22:23 oleonard mtompset: I'll suggest what kidclamp_away suggested earlier: Restart memecached and run db update manually 22:23 oleonard That worked for me (kohadevbox) 22:24 mtompset I'm running this on an oldschool git install, not a kohadevbox. 22:24 mtompset I have no overdrive variables set. 22:25 mtompset I suspect this would work if i disabled, but had the variables set. 22:25 mtompset The problem being, I don't know what values to set the system preferences to. 22:25 mtompset because I am not subscribes to OverDrive. 22:25 mtompset ^subscribed 22:25 oleonard What's the error mtompset? 22:26 mtompset [Wed Feb 22 17:17:08.480655 2017] [cgi:error] [pid 7045] [client 192.168.71.100:52503] AH01215: [Wed Feb 22 17:17:08 2017] overdrive: OverDriveClientKey pref not set at /home/mtompset/kohaclone/opac/svc/overdrive line 38., referer: http://library.debiankoha.ca/cgi-bin/koha/opac-user.pl 22:26 mtompset The URL is totally bogus. 22:27 mtompset I'm pretty sure the croak causes the internal server error visible in the opac. 22:27 mtompset Summary tab of opac-user. 22:28 mtompset slight lag, and then internal server erorr is inserted. 22:29 edveal mtompset is this happing for all searches in your opac? 22:29 mtompset and since there is a slight lag, I suspect this is some java script somewhere, but my tracing skills of javascript triggering is poor. 22:29 mtompset No... 22:29 mtompset I'm attempting to test bug 18118 22:29 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18118 normal, P5 - low, ---, mtj, Needs Signoff , Unexpected behaviour with 'GoogleOpenIDConnect' and 'OpacPublic' syspref combination 22:29 mtompset which caused me problems. 22:29 edveal ah ok 22:29 mtompset so I wrote bug 18144 22:29 huginn 04Bug http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=18144 normal, P5 - low, ---, mtompset, Needs Signoff , Removal of persona broke openidconnect 22:29 mtompset so then I applied 18144 and 18118 22:29 mtompset and tried to log in. 22:30 mtompset when it puts me on the opac/opac-user.pl page, I get the internal server error as part of the check out data table. 22:30 mtompset even though I have no overdrive stuff set. 22:30 oleonard What about in master mtompset? 22:31 mtompset This is master. 22:32 mtompset On an oldschool -- NOT kohadevbox -- git install. 22:32 oleonard You just said you applied patches, so I assumed you were not testing master 22:32 mtompset OH... sorry, misunserstood. 22:32 mtompset Let me check. 22:33 mtompset Same problem on master with a regular log in. 22:35 mtompset So, if anyone has OverDrive set to work, if you could make note of your settings, set it to blank and turn off overdrive, and allow logins to your OPAC, I'm pretty sure you will see the problem on master. 22:35 phemmy hello anyone here to help on some technical docmentation pls 22:35 mtompset phemmy: Perhaps. :) I never promise answers, though I try. :) 22:35 oleonard I don't get an error when logging in but I get when when searching in the opac. "Internal server error" 22:35 mtompset Do you have circulation? 22:36 mtompset I am using a practically empty DB, oleonard. 22:37 mtompset Fresh install, all sample data, one book imported via z39.50, reindexed, Koha Admin set to superlibrarian and username, password, and primary email address set. 22:38 mtompset phemmy: That was a kind of yes. What's the technical documentation help you need? 22:38 phemmy installation on my localserver 22:39 oleonard Interesting... I get an error when searching in the staff client too 22:40 mtompset phemmy: what do you mean installation on my local server? How to install Koha on a server? 22:41 phemmy on my system without internet that is on intranet 22:42 mtompset And what operating system is this server going to be running? 22:43 mtompset Is there anything else running on this server? 22:44 phemmy linux probably 22:44 talljoy cait do you know what the syspref 504MARC is in 16.11? 22:45 talljoy what does that relate to? 22:45 cait 504marcß 22:45 cait ? 22:45 cait is it really called 504marc? let me check 22:46 talljoy is it a german thing? 22:46 cait i am not seeing it in my installation 22:46 talljoy weird, it's in ours. 22:46 cait sorry,maybe i am misunderstanding you 22:46 cait which tab? 22:46 talljoy sorry not a syspref 22:46 talljoy it's a authorisedvalue category 22:46 cait ah 22:46 cait i don 22:46 * talljoy is tired = long day 22:46 cait t think that is standard 22:46 cait maybe they just added it? 22:47 mtompset phemmy: Then perhaps https://wiki.koha-community.org/wiki/Koha_on_Debian is what you are looking for. 22:47 cait not standard 22:47 cait sorry, my hand is half asleep :) 22:47 talljoy well if it's not standard, then i'm not going to add it to my migration databases. 22:47 talljoy if it breaks we'll find out what it's for! ha 22:48 cait heh 22:48 cait 504 is a note field 22:48 cait not sure what you coudl authvalue there 22:48 talljoy jz just found it 22:48 talljoy bibliography note: "includes index" etc 22:49 talljoy i guess it's just a common note for some catalogers that can be linked to the 504 tag and frameworks. 22:49 cait yeah - but as you can't mix authvalue and free text entry... not sure how useful 22:49 talljoy ikr 22:49 cait do you see where it came from? 22:49 talljoy jz found it in her database. 22:49 talljoy and she got a random one from larry. 22:49 talljoy so it's a mystery. 22:49 talljoy and a non-sequitur 22:50 cait hm git grepped master, it's not turning up there 22:51 cait why did you ask if it was german? :) 22:51 talljoy we think it was just an old copy of a demo database highlighting the frameworks and ability to tie in to authorised values 22:51 talljoy oh, probably a typo, but you typed marc504ß 22:51 talljoy random reference. 22:51 cait ah 22:51 talljoy are you going to hackfest cait? 22:52 cait just because ? and ß are the same key on my keyboard 22:52 talljoy HA! 22:52 talljoy another mystery solved! 22:52 cait not this year I am afraid 22:52 cait :) 22:53 talljoy bummer. 22:55 bag yeah BIG bummer 22:55 bag or BUMMER (that’s big) 22:55 cait talljoy: go to the crepes place 22:56 bag it is a requirement cait 22:56 cait think of me and order one with salted butter caramel :) 22:56 bag I’ll be there :) 22:56 talljoy crepes 22:56 talljoy mmmmmm 22:57 bag these are good ones talljoy 22:58 oleonard talljoy: Raise a glass or 4 to your absent comrades. 22:59 * talljoy plans to pack the aspirin 22:59 dani I barely remember the crepes, I think I was going on 24 hours without sleep at that point in Oct 22:59 talljoy don't go until i get there bag 22:59 oleonard I *know* I was on 24 hours without sleep. 23:00 bag talljoy: we’ll go monday night :) 23:01 bag yeah dani we did a ton in the first 36 hours 23:01 dani Yeah, I was so proud to have made it to Monday without crashing 23:01 dani ha 23:01 bag train tickets I need to buy train tickets 23:01 bag ok back in a sec 23:02 talljoy oooo this is new for 16.11 yes? Sereal/Encoder.pm 23:03 talljoy dani you familiar with that? 23:03 talljoy i can't run updatedatabase.pl without it 23:03 dani i am not 23:04 bag talljoy: do you fly home from marseille 23:04 talljoy mrs to lhs to dfw 23:04 talljoy with 24 hours in lhr 23:04 talljoy s/lhs/lhr/ 23:04 cait @wunder lhr 23:04 huginn cait: The current temperature in London, United Kingdom is 11.0°C (10:50 PM GMT on February 22, 2017). Conditions: Light Rain. Humidity: 94%. Dew Point: 10.0°C. Pressure: 29.68 in 1005 hPa (Steady). 23:04 talljoy flying out of paris was economically impossible 23:04 cait aha! 23:05 bag ok thanks that’s all I needed to know :) 23:18 mtompset talljoy: Yes, that library is new, as far as I know. 23:21 talljoy yup getting installed now! 23:25 mtompset @wunder yyz 23:25 huginn mtompset: The current temperature in Toronto Pearson, Ontario is 5.0°C (6:00 PM EST on February 22, 2017). Conditions: Overcast. Humidity: 93%. Dew Point: 4.0°C. Windchill: 3.0°C. Pressure: 29.78 in 1008 hPa (Falling).