Time Nick Message 01:45 THiera_ Hi 06:04 reiveune hello 06:21 magnuse \o/ 06:32 matts hello ! 06:43 magnuse kia ora matts! and happy birthday that was 06:44 matts thank you magnuse :) 06:56 thd pauldersheid[m]: Did you receive my email about general mailing list contacts from two weeks ago? 07:35 cait good morning #koha 07:53 cait Fixing patron search problem from bug 36302 quickly right now - will be back in the afternoon then for more pushes. 07:53 huginn` 04Bug https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36302 critical, P5 - low, ---, pedro.amorim, Pushed to master , Patron search from search bar broken 08:21 PedroAmorim[m] \o 08:37 cait o/ 09:33 paulderscheid[m] Morning #koha 09:33 paulderscheid[m] thd yes 09:36 thd pauldersheid[m]: I have subsequently discovered that the mailgate service we are using to send mail for the wiki and some other services does not attach DKIM signatures nor have a DMARC record. 09:38 thd pauldersheid[m]: I have been working on a Postfix mail relay to fix the problem. The mailgate service may still be valuable for maintaining mail IP address reputation but mail needs to go first to another server which applies a DKIM signature. 09:39 thd pauldersheid[m]: I have things almost working now for docker-mailserver after starting with some simpler Postfix mail relays in Docker containers. 09:42 thd pauldersheid[m]: In the past two weeks there were two people for whom I had to set passwords manually on the command line because lack of DKIM directly from secure-mailgate was leading even a library mail system in one case to block the account confirmation email and not even leave it in spam. 09:43 thd s/set passwords/set wiki passwords/ 09:45 thd pauldersheid[m]: Configuring a mail server on the host system is much easier than the supposedly user friendly interface to Postfix etc. provided by cotainerised mail servers with some mysterious options unique to the particular container. 09:46 thd s/particular container/particular container configuration design/ 09:54 thd pauldersheid[m]: An hour ago I had mail relaying from a testing instance of the wiki to docker-mailserver providing a DKIM signature and then to secure-mailgate for sending. However, my last setting change did the wrong thing and broke authentication from Dovecot in docker-mailserver becasuse ENABLE_SASLAUTHD=1 turns off Postfix SMTPD authentication provided by Dovecot over the Postfix smptd port, not the Dovecot port, for docker-mailserver. 09:59 thd pauldersheid[m]: docker-mailserver seems to have some nonstandard implementation of virtual mailboxes for them to be managed by Dovecot but not Postfix. 10:00 thd s/non-standard/uncommon/ 10:13 thd tcohen: Is that really you? 10:38 mtj hi cait, about now :) 10:39 mtj hi Joubu, will finish off bug 35614 now 10:39 huginn` 04Bug https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35614 major, P5 - low, ---, mtj, Passed QA , Update cpanfile for Mojolicious::Plugin::OpenAPI v5.09 11:05 tcohen hola 11:05 thd hola 11:06 thd tcohen: Did you see my IRC message from late in the day yesterday about wiki backup completeness? 11:06 tcohen I haven't 11:07 thd tcohen: I may have discovered a deficiency with wiki backups. The gzipped SQL file backup file included in srv.tar.gz posted to Nextcloud is only current for the wiki.test database which is necessarily not current content. The backup in daily/srv/mariadb_10_6/mysql/mariadb_10_6_wiki.sql.gz has updated dates but despite the name of the file seems to be the wiki.test database. 11:07 thd tcohen: I was able to restore the database from the backup of /var/lib/docker/volumes from var_lib_docker_volumes.tar.gz but the current Gzipped SQL file in srv.tar.gz does not seem to include the current wiki database and may mistakenly have the wrong name. 11:07 tcohen is there a problem with the wiki? 11:07 tcohen I will check the backup scripts 11:08 thd No everything is more than fine with the wiki generally. 11:08 tcohen we put the backups on an external service 11:08 tcohen so I have doubts about what's in that 'daily' directory 11:08 tcohen but you might be right 11:08 tcohen let me check and come back to you 11:09 thd I looked closely at the backups in the wake of the wiki going down for several hours in what might have been hardware failure. 11:09 thd When the wiki was restored, nothing appeared to be lost. 11:11 thd Did the hosting company explain what had happened? It seemed unlikely that even a daily snapshot would not have lost something in the interval. 11:14 thd tcohen: In other news, I have an improvement for mail services with DKIM signing on a Postfix relay then to secure-mailgate which does not do DKIM signing. 11:14 paulderscheid[m] When does the meeting start? 11:14 thd I believe in 45 min. 11:14 tcohen paulderscheid[m] I don't know, I just woke up 11:15 tcohen hehe 11:15 paulderscheid[m] maybe in 45 min, cait? 11:16 * thd has not slept for testing a Postfix relay service. 11:16 tcohen thd that sounds great 11:17 thd tcohen: I have the mail relay working in docker-mailserver. Doing this directly on the host would be much easier but maybe docker-mailserver has some small portability advantage. 11:18 cait oh no 11:18 cait sorry 11:18 cait did i mess up the meeting time? 11:19 cait ah ok, in 40 minutes, phew 11:19 thd tcohen: I had to set passwords on the command line for a couple of new wiki users because without DKIM they never received an email confirmation message nor would they receive a reset password message. 11:20 paulderscheid[m] gcal says it's 2PM in our time 11:20 tcohen yeah, same problem with jenkins notifications 11:20 paulderscheid[m] our = europe/berlin 11:21 thd I was surprised to discover that secure-mailgate was not applying DKIM signatures but that is apparently not part of their service. 11:22 thd Mail sender IP reputation management is still important and difficult. 11:25 thd Some of my systems are blocked for delivering mail to current default Postfix instances because myVPS.hostingcompany.com does not have a DNS record matching my IP address even though my own domain for the IP address does. 11:27 thd There may be a correction for such problems but they are outside my control as the user of the VPS. 11:32 * cait shakes her first at the yellow jenkins icon 11:33 cait mtj: did you see fridolin's email? 11:34 mtj hi cait, oops... just read it 11:39 tcohen someone said jenkins? 11:54 cait tcohen: I have a perlcirtic failure I don't ndertand on the left 11:54 cait D10 11:55 tcohen Joubu is it possible to make the commit hooks work within KTD without those 'docker not found' warnings? 11:56 pastebot "tcohen" at 127.0.0.1 pasted "Joubu" (43 lines) at https://paste.koha-community.org/41344 11:58 cait meeting in 3 minutes! 11:58 cait Jitsi room is open 11:59 cait #startmeeting Development IRC meeting 3 April 2024 11:59 huginn` Meeting started Wed Apr 3 11:59:29 2024 UTC. The chair is cait. Information about MeetBot at http://wiki.debian.org/MeetBot. 11:59 huginn` Useful Commands: #action #agreed #help #info #idea #link #topic #startvote. 11:59 huginn` The meeting name has been set to 'development_irc_meeting_3_april_2024' 11:59 cait #topic Introductions 11:59 cait #link https://wiki.koha-community.org/wiki/Development_IRC_meeting_3_April_2024 Agenda 12:00 cait #info Katrin Fischer, BSZ, Germany 12:00 paulderscheid[m] #info Paul Derscheid, LMSCloud GmbH, Germany 12:02 tcohen #info Tomas Cohen Arazi 12:02 EmmiTakkinen[m] #info Emmi Takkinen, Koha-Suomi Oy, Finland 12:03 cait #chair tcohen 12:03 huginn` Current chairs: cait tcohen 12:03 cait #topic Announcements 12:03 cait #info Hackfest in Marseille is next week! 12:05 cait #info thd might have a fix for the email issues with the wiki 12:05 cait thd++ 12:06 cait domm[m]: are you around maybe? 12:07 cait talking about the email configuration 12:08 emlam #info Emily Lamancusa, MCPL, USA 12:09 cait #topic Update from the Release manager 12:11 cait #topic Updates from the Release maintainers 12:11 cait #info RM will try to empty queue as much as possible before next week, lots of QA has been done over Easter holidays 12:12 cait #info Release should happen today! 12:12 cait #topic Updates from the QA team 12:12 kidclamp #info Nick Clemens, ByWater Solutions 12:14 cait #info QA queue is pretty full, please QA! 12:15 cait #topic Status of roadmap projects 12:15 cait #info tcohen working on the holds table merge (reserves, old_reserves) 12:16 cait #info tcohen will be testing a new pipeline for building ktd images on gitlab 12:22 cait #topic paulderscheid[m] using SMTP settings from HKS3 now for the Discourse project. Stuck on not being able to use DKIM which creates a problem sending to Google/Outlook 12:23 cait #action paulderscheid[m] and thd to figure out if the same mail solution as for the wiki can be used 12:28 cait #action cait to set a date for moving master to main after the hackfest (trying not to break workflows right now) 12:29 cait #info bugs with easy to re-do notices in TT are marked with Academy 12:31 cait #info TT switch: items.fine and some custom parameters need to be figured out in the code 12:31 cait #chair emlam 12:31 huginn` Current chairs: cait emlam tcohen 12:32 cait #topic Security bugs and news 12:34 cait bug 35984 12:34 huginn` 04Bug https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=35984 normal, P5 - low, ---, koha-bugs, NEW , automated static code analysis should include security tests 12:35 tcohen #info Evelyn and Tomas to contact german company offering static code analysis with Perl support 12:36 cait #info API still needs some CSRF work 12:37 cait #topic Actions from last meeting 12:37 cait #info No actions from last meeting! 12:37 cait #topic General development discussion 12:38 cait #info tcohen's proposal for REST API: Make our returns consistent when something doesn't exist 12:40 cait #info We are leaning towards having specific returns: patron X doesn't exist etc. 12:41 cait #info tcohen's review turned up a lot of inconsistencies to work on 12:45 fridolin hi 12:45 cait #topic Reviewof coding guidelines 12:46 cait #action tcohen to write a guildeline for the API returns when work has gone through QA 12:46 cait #topic Any other business 12:51 caroline I just came in, I can give an update on kohacon if you wish 12:52 cait #topic Set time of next meeting 12:53 cait #topic KohaCon24 12:53 cait will you come into Jitsi or do you ant to type it up? 12:53 caroline oh I forgot it was video meetings now 12:53 caroline give me a few seconds 12:53 thd Yes, caroline but you can also type. 12:54 cait #info CfP and workshops is still open until end of April 12:55 cait #info Preliminary program to be sent later this month 12:56 cait #info Information on hotels and special booking coditions is in the works 12:58 cait #info Presentations will be streamed online, no plans for online workshops yet 12:59 cait #info Registrations will probably open by the end of the month/May 13:00 cait #topic Set time of next meeting 13:01 cait #info Next meeting: 17 April 2024, 12 UTC 13:01 cait #endmeeting 13:01 huginn` Meeting ended Wed Apr 3 13:01:49 2024 UTC. Information about MeetBot at http://wiki.debian.org/MeetBot . (v 0.1.4) 13:01 huginn` Minutes: https://meetings.koha-community.org/2024/development_irc_meeting_3_april_2024.2024-04-03-11.59.html 13:01 huginn` Minutes (text): https://meetings.koha-community.org/2024/development_irc_meeting_3_april_2024.2024-04-03-11.59.txt 13:01 huginn` Log: https://meetings.koha-community.org/2024/development_irc_meeting_3_april_2024.2024-04-03-11.59.log.html 13:07 domm[m] cait: Sorry, I was offline. But regarding mail/DKIM we're investigating this with the mail provider 13:16 puphaus[m] Hi together :) I just read about the security updates and wanted to tell that on the page for 22.11.16 update ( the https://koha-community.org/koha-22-11-16-released/ ) the securitybugs are not listed :) 13:22 magnuse gah, missed the meeting 13:22 magnuse is it possible to move a hold/reserve from one record to another in koha? 13:25 magnuse ah nm, bug 31698 13:25 huginn` 04Bug https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=31698 enhancement, P5 - low, ---, koha-bugs, NEW , Add ability to move a hold to a new biblio/item 13:52 Joubu tcohen: "docker not found" - yes we can certainly remove the warning, but the tests won't run. You can still use --no-verify. 13:55 tcohen yeah, I was trying not to use --no-verify 13:57 Joubu then startup your docker container ;) 13:57 cait puphaus[m]: you can refer to the other release notes if they are listed there - they should all hve the same fixes 13:57 Joubu we could skip the tests if the container is not running, and display a nicer warning 14:04 Joubu fredericd: this is for you: 22.11 release notes do not contain sec bugs. 14:05 Joubu fredericd: 36244 for instance 14:05 Joubu The branch for this version of Koha and future bugfixes in this release 14:05 Joubu line is 22.11.x-security. 14:05 Joubu this also needs adjustement it seems ^ 14:05 Joubu (too late for this time, but maybe it needs to be fixed in the release-tools script) 14:17 puphaus[m] cait: yeah i looked at the other versions but i thought it would be good if i would inform about that bug :) 14:17 cait true, I just wanted to provide you immediate help 14:20 puphaus[m] that's was really nice from you, thank you! 14:26 thd tcohen: I need to sleep now but I should be able to provide a non-messy set of config files for docker-mailserver acting as a mailserver which provides DKIM signatures before relaying them on to secure-mailgate. The default has a large file of environment variables which we mostly do not need to set to a value but I do not know if excluding all the variable= with nothing after the '=' might break something. Some of those environment variables 14:26 thd might need to be defined or set as having no value for which they have a default value as distinct from being unset or undefined which might produce a problem. 14:36 paulderscheid[m] So just to be clear. 22.11.16 contains the CSRF fixes? 14:36 cait not the big fixes that are in master, no 14:36 paulderscheid[m] Huh? 14:36 cait they are not to be backported, some smaller stuff has 14:37 cait the big patch set that we froze master for is not going to be backported 14:37 cait but it contains a lot of important security fixes anyway 14:38 paulderscheid[m] Ok 14:38 paulderscheid[m] That's good to know. I completely misunderstood the state then. 14:39 paulderscheid[m] Thanks cait 14:46 domm[m] ups, I clicked on the mark-as-resolved button on the vue-discussion in the hackfest doc, and now the discussion is gone 14:46 domm[m] anybody knows how to undo that? 14:48 domm[m] ah, found it... sorry 15:00 aude_c[m] Hello, may I ask about Bug 20447 please... Has been signed off or has it not been signed off?! (Sorry for getting confused) 15:00 huginn` 04Bug https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=20447 new feature, P5 - low, ---, ere.maijala, Needs Signoff , Add support for MARC holdings records 15:04 paulderscheid[m] Currently not signed off it seems. 15:06 paulderscheid[m] On the other hand all attachments seem to have been signed off. 15:08 aude_c[m] Thanks! I'm glad I'm not the only one for whom it looked confusing :D 15:09 aude_c[m] Also, paulderscheid while you're still here... Are any libraries you're working with using your Room Reservations plugin? 15:10 paulderscheid[m] Yes, like 5 or so 15:10 aude_c[m] Great. We have a library that may be interested! 15:10 paulderscheid[m] Cool, would love you folks getting involved :D 15:11 aude_c[m] (But we're making them wait until after their upgrade... So in a couple of months we'll know whether they still want to try it out.) 15:11 aude_c[m] Will let you know if they take it up! 15:11 aude_c[m] But if you have public examples they could look at, I'm sure they'd be grateful 15:13 paulderscheid[m] Yes, I will add a bit of stuff to the README 15:14 aude_c[m] Brilliant, thank you 19:15 tacksline good afternoon 22:09 dcook . 23:38 mtj hi tcohen, could we setup a jenkins build to test packages in the koha-staging/exp release/suite/pocket? 23:40 mtj ...this would allow us to use jenkins to test new packages, without potentially breaking sandboxes and developer systems