Brittany Kusi
@bkusiap_gitlab
chrome*
I open a group --> then select Map this group button
map doesn't appear, refers to javascript console for details which lists all the content security policy errors. I tried adding some lines in my .htaccess file per google discussions, but that doesn't resolve the errors
Charles Crossan
@crossan007
@bkusiap_gitlab Do the content security policy entries in your Javascript console begin with [ReportOnly]?
like this:
image.png
If they're [ReportOnly] (which they should be), then this is not a cause for concern.
Charles Crossan
@crossan007

@MrClever RE PHP7.0 support ending: It's hard to say, and we'll have to triage what works / breaks.

There are dependencies within the test suite which both have security vulnerabilities AND no longer support PHP7, so if I update those dependencies, then we can't run PHP7 tests.

I can experiment a little to see if we can mitigate the security vulns whilst keeping php7 - I'm not sure which exact deps are at risk
James G
@MrClever
Out-of-support platforms are a honey-pot for people with nefarious motivations and I’ll never stand in the way of maintaining a secure code base. I was just wondering if there’s a window in which we can warn our users before we “turn off” their installations? I’m looking at it from a UX/communication perspective.
Charles Crossan
@crossan007
yep. Totally valid thoughts.
James G
@MrClever
Seeing as PHP7.0 is now dead, I think we need to be communicating our intention to end support for it ASAP. People might need time to migrate to different hosting etc.
Charles Crossan
@crossan007
1) we have the "message broadcast" mechanism to display a banner at the top of all installs. We usually reserve this for extreme urgent communications.
2) we can push an update with an administrative task to "future proof the platform" and inform of future-unsupported configs (and optionally block update until satisfied)
I think "2" is probably "the right way", followed by issuing a broadcast of "1" after releasing "2"
James G
@MrClever
Agreed - #2 sounds like a plan. I don’t think “broadcast” level comms is appropriate; the sky isn’t falling (yet)
Charles Crossan
@crossan007
I'm always hesitant to adjust the upgrade process though. Since the stakes are kind of high.
James G
@MrClever
No argument from me. It would be a really bad day for users on PHP 7.0 if they ran a routine update and their system suddenly stopped working though, without any warning.
Charles Crossan
@crossan007
@MrClever Yep I agree.
Hey, I just found out, I'm actually running my prod instance on php 7.0. I should talk to my VPS system admin.... oh wait, that's me. D'oh.
George Dawoud
@DawoudIO
we can block 7.0 for new installs
Brittany Kusi
@bkusiap_gitlab
yes it does begin with [Report only], so does it mean it shouldn't be working?
right now the map feature isn't displaying or working at all for me
Charles Crossan
@crossan007
@bkusiap_gitlab [Report only] just means that the CSP didn't actually block loading those resources
So, something else is breaking your maps, but it's most likely not the content security policy
George Dawoud
@DawoudIO
@crossan007 do you still see value in the CSP stuff..
Charles Crossan
@crossan007
@DawoudIO we should finish the CSP implementation - it's important that we're protecting the application's resources from manipulation of external javascript.
Brittany Kusi
@bkusiap_gitlab
is there anywhere else I should be adding the API other than in the admin settings?
Charles Crossan
@crossan007
@bkusiap_gitlab I think sGoogleMapKey and sGeoCoderProvider are the only settings you really need to configure for maps to work (both are on the System Settings | Map Settings page)

@bkusiap_gitlab if you're OK with the data sharing (google maps key), you can record a HAR file (https://support.zendesk.com/hc/en-us/articles/204410413-Generating-a-HAR-file-for-troubleshooting) and send it to me over direct message. I should be able to piece together what your browser is doing / failing to do while loading maps.

The scope of the HAR file recording should begin AFTER you've logged in (I do not want a recording of your password), and BEFORE you navigate to the maps page.

The recording should end after the maps page has finished loading (or when it's completely failed and isn't trying to load anything more)

Edit

Actually, this looks like it would include more than just your maps API key, as member names and addresses would be included. Maybe we shouldn't go down this road.

Brittany Kusi
@bkusiap_gitlab
thanks, I realized I didn't have my APIs enabled in google console
Charles Crossan
@crossan007
Oh. lol, that will do it.
Brittany Kusi
@bkusiap_gitlab
once I did that it started working. Thanks for the help!
Jason Dunsmore
@jasondunsmore
Whenever I click "Update All Family Coordinates", I just see "Families without Geo Info: 0". But that isn't true, there are a bunch of families without geo coordinates. Am I missing something?
Brittany Kusi
@bkusiap_gitlab
Hello, I am receiving an error "Application Integrity Check: Failed" on my .htaccess file. Hash mismatch. I haven't changed or modified anything. How can I clear this?
Charles Crossan
@crossan007
@bkusiap_gitlab you said above that you modified .htaccess while troubleshooting the maps issue. You can mostly ignore this warning, since you knowingly modified the file.
George Dawoud
@DawoudIO
@jason is that no coords or bad coords
Jason Dunsmore
@jasondunsmore
@DawoudIO I don't understand your question
George Dawoud
@DawoudIO
Do you think the dB data is missing or bad
Jason Dunsmore
@jasondunsmore
@DawoudIO I just checked the db. All families have NULL for fam_Latitude and fam_Longitude
All have addresses
Charles Crossan
@crossan007
@MrClever based on our earlier discussion :-) ChurchCRM/CRM#4925
James G
@MrClever
Oh wow - that’s kinda the ultimate goal I was pondering “down the track” somewhere. NICE!! I’ll trivet it later this morning.
Charles Crossan
@crossan007
I think we have a small chicken and egg problem for distributing the update check logic in tandem with the breaking upgrades. For which I think we can use semver to our advantage by adjusting the update class to only upgrade major/minor versions if the currently running version is already the latest patch for that minor version. Otherwise it will update to the latest patch for the current minor version.
James G
@MrClever
Makes sense. So are you going to revise PR #4925?
Charles Crossan
@crossan007
I opened #4925 as a draft PR
It's nowhere near ready to merge. still ugly code ;-)
Just getting momentum on a direction
James G
@MrClever
Ok - gotcha. Might have some time today to checkout your branch and have a play.
Charles Crossan
@crossan007
@MrClever ok, I implemented step-wise upgrading in #4925. The code is a bit ugly still, but I captured debug log and example step-wise upgrades: https://github.com/ChurchCRM/CRM/pull/4925#issuecomment-524513667
Charles Crossan
@crossan007
I'm out for the evening. Let me know what you think of the new upgrade approach.