| Time |
Nick |
Message |
| 00:47 |
|
mnsri joined #evergreen |
| 05:31 |
pinesol_green |
Incoming from qatests: Test Success - http://testing.evergreen-ils.org/~live/test.html <http://testing.evergreen-ils.org/~live/test.html> |
| 06:29 |
|
ktomita joined #evergreen |
| 06:29 |
|
chatley joined #evergreen |
| 06:47 |
|
wsmoak joined #evergreen |
| 07:43 |
|
rjackson-isl joined #evergreen |
| 07:55 |
|
jboyer-isl joined #evergreen |
| 07:57 |
|
artunit joined #evergreen |
| 08:23 |
|
akilsdonk joined #evergreen |
| 08:25 |
|
Dyrcona joined #evergreen |
| 08:28 |
|
ericar joined #evergreen |
| 08:32 |
|
gsams joined #evergreen |
| 08:33 |
|
mrpeters joined #evergreen |
| 08:39 |
|
tspindler joined #evergreen |
| 08:47 |
|
mmorgan joined #evergreen |
| 09:00 |
|
kmlussier joined #evergreen |
| 09:03 |
|
artunit joined #evergreen |
| 09:19 |
|
yboston joined #evergreen |
| 09:26 |
|
collum joined #evergreen |
| 09:30 |
|
wsmoak joined #evergreen |
| 09:55 |
|
mllewellyn joined #evergreen |
| 10:02 |
|
sseng joined #evergreen |
| 10:03 |
|
akilsdonk_ joined #evergreen |
| 10:07 |
|
edoceo_ joined #evergreen |
| 10:15 |
|
RoganH joined #evergreen |
| 10:18 |
|
Dyrcona joined #evergreen |
| 10:36 |
|
Shae joined #evergreen |
| 10:38 |
|
mdriscoll joined #evergreen |
| 11:11 |
kmlussier |
I'm about to add a post to the community blog re: bug squashing day, but want to share this link again to make sure everything fits in with community procedures on testing/wrangling bugs. http://wiki.evergreen-ils.org/doku.php?id=dev:bug_squashing:2014-08-26 |
| 11:14 |
kmlussier |
Also, I'll probably do a quick video on how to sign off on bugs with Git GUI, but I had also floated an idea on the list last month about allowing people to sign off via a comment on LP. gmcharlt was the only person to respond to that question. http://markmail.org/message/ndjxvc7po4rpn3cg |
| 11:42 |
bshum |
kmlussier: I'm generally fine with gmcharlt's suggestion as long as we know that the person who says they've tested it comes from a site where we have some previously known presence (i.e. someone who actually loaded the patch to a server for testing) |
| 11:42 |
bshum |
Assuming a non-developer person is to the one giving the nod to signoff via LP. |
| 11:43 |
bshum |
I generally assume this to be true anyways, but it's one of those things we'll eyeball I guess. |
| 11:43 |
gmcharlt |
bshum: I think we are more likely to get more testers if we assume good faith until proven otherwise |
| 11:44 |
bshum |
gmcharlt: Sure, I've generally committed based on whichever signoffs I can get anyways :) |
| 11:45 |
bshum |
But it's good to be clear on that upfront, thanks. |
| 11:46 |
kmlussier |
Do we want to ask that they use specific language when adding the comment to the LP bug? |
| 11:47 |
kmlussier |
Using the language gmcharlt used in his e-mail: "I have tested this code and consent to signing off on it."? |
| 11:48 |
bshum |
Some variant of "We tested this and it looks good to us, please add our signoff" seems fine to me. As long as they generally understand what it means to signoff on code. (aka, the DCO) |
| 11:48 |
gmcharlt |
... "with my email address and name or consistent alias" |
| 11:48 |
bshum |
Ah good addition, gmcharlt++ |
| 11:48 |
* Dyrcona |
wonders if anyone would notice opensrf.settings and open-ils.cat restarting in the middle of the day. |
| 11:49 |
bshum |
kmlussier: I'm still reading through the links you shared |
| 11:49 |
bshum |
But did we include mention about http://evergreen-ils.org/dokuwiki/doku.php?id=contributing#developer_s_certificate_of_origin ? |
| 11:50 |
kmlussier |
bshum: For sign-offs? |
| 11:50 |
bshum |
I mean technically that's what we once said was part of the meaning behind the sign-off-by line |
| 11:50 |
bshum |
Or maybe I'm misremembering |
| 11:50 |
gmcharlt |
well, it /is/ the meaning -- for patch authors |
| 11:50 |
bshum |
Ahh, authors, gotcha. |
| 11:51 |
bshum |
Got it now. |
| 11:51 |
gmcharlt |
"Tested-by" would be more clear, but until git has a convenient --add-tested-by switch... |
| 11:52 |
bshum |
Hehe |
| 12:06 |
Dyrcona |
Signed-off-by means, "I approve this commit," which implies, "I tested this commit." |
| 12:14 |
kmlussier |
gmcharlt: I added the sign-off text here. http://wiki.evergreen-ils.org/doku.php?id=dev:bug_squashing:2014-08-26&#testing_bugs Is this what you had in mind? |
| 12:15 |
gmcharlt |
kmlussier: +1 |
| 12:15 |
bshum |
+1 |
| 12:17 |
* kmlussier |
wanders off to write the blog post. |
| 12:26 |
|
ericar joined #evergreen |
| 12:39 |
|
jihpringle joined #evergreen |
| 13:10 |
|
hbrennan joined #evergreen |
| 13:17 |
hbrennan |
It's not a holiday at Equinox today, is it? |
| 13:17 |
bshum |
Too quiet? |
| 13:18 |
hbrennan |
Our system is down and I left a message 20 minutes ago. |
| 13:18 |
bshum |
Ah |
| 13:18 |
hbrennan |
Yes, because their response has always been so good, 20 minutes is forever |
| 13:24 |
gmcharlt |
hbrennan: apparent voice mail issue on our end - we'll call you |
| 13:24 |
|
RoganH joined #evergreen |
| 13:25 |
|
BigRig joined #evergreen |
| 13:28 |
hbrennan |
Oh, good!@ |
| 13:28 |
hbrennan |
See, it was good to be suspicious |
| 13:28 |
bshum |
gmcharlt++ ESI++ |
| 14:23 |
jeff |
deploying OpenKiosk on a Windows XP "opac terminal". Feels dirty, but it works. |
| 14:25 |
|
berick joined #evergreen |
| 14:29 |
dbs |
Hmm. openkiosk looks useful. does it autoupdate to new versions of firefox? |
| 14:45 |
|
vlewis joined #evergreen |
| 14:55 |
bshum |
dbs: Are you talking about http://openkiosk.mozdevgroup.com/ ? |
| 14:56 |
bshum |
I think they picked an older XUL and stuck with it. |
| 14:56 |
bshum |
Or at least that's what I remember the last time I looked under the hood |
| 14:56 |
bshum |
We use it too |
| 15:29 |
jeff |
it installs the maintenance agent service that COULD be used to update, but I don't know if it does. |
| 15:33 |
|
RoganH joined #evergreen |
| 15:34 |
jeff |
we've used it on boot-from-network and boot-from-local linux-based catalog terminals before. slightly older version, back when it was a firefox plugin. |
| 15:34 |
jeff |
of course, if it does autoupdate, the XP machines I deployed it on today aren't going to benefit much from it, since they're running deep freeze. |
| 15:54 |
|
b_bonner_ joined #evergreen |
| 15:55 |
|
dreuther_ joined #evergreen |
| 15:56 |
|
sseng_ joined #evergreen |
| 15:56 |
|
geoffsams joined #evergreen |
| 15:57 |
|
pmurray` joined #evergreen |
| 16:22 |
|
sarabee joined #evergreen |
| 16:27 |
|
ericar_ joined #evergreen |
| 16:27 |
|
tspindler left #evergreen |
| 16:39 |
sseng_ |
Question: can an authority record (main heading 151) control a bib tag 710? |
| 16:47 |
yboston |
sseng_: if you don't get an answer on IRC at this time, I suggest you ask on the EG cataloging mailing list |
| 16:47 |
sseng_ |
yboston: sounds good, thanks!! |
| 16:48 |
yboston |
sseng_: btw, thanks for your very low level work on authoirtites |
| 16:49 |
yboston |
meaning finding hard to find issues with back end authoirites code |
| 16:49 |
sseng_ |
yboston: =) |
| 17:04 |
|
mmorgan left #evergreen |
| 17:06 |
dbs |
@later tell kmlussier you are cryptic :) |
| 17:06 |
pinesol_green |
dbs: The operation succeeded. |
| 17:14 |
pinesol_green |
Incoming from qatests: Test Success - http://testing.evergreen-ils.org/~live/test.html <http://testing.evergreen-ils.org/~live/test.html> |
| 17:33 |
mllewellyn |
sseng_: my understanding is that 151 would not control 710. Tag 110 should control a 710 |
| 17:35 |
sseng_ |
mllewellyn: got it. that was my understanding as well. It's just, we have a bib that was in an export to backstage, and it has a 710 tag. It appears to be the only bib that could possibly generate an authority record, except that authority record heading is a 151 main heading. |
| 17:38 |
mllewellyn |
sseng: I've seen headings for the United States that would appear to be treating as a corporate body, but was a 151 instead. Maybe your original 710 was improperly tagged? |
| 17:39 |
sseng_ |
mllewellyn: i've found examples of this as well in LOC |
| 17:39 |
sseng_ |
mllewellyn: here's an example authority record: http://id.loc.gov/authorities/names/n83003661.html |
| 17:39 |
sseng_ |
mllewellyn: and here's an example bib: http://catalog.loc.gov/vwebv/staffView?searchId=9917&recPointer=0&recCount=10&searchType=1&bibId=4772766 |
| 17:41 |
sseng_ |
mllewellyn: the bib has a 710 and the auth is a 151. at the same time, I don't know enough about MARC to identify whether it was a miscataloged or .... |
| 17:41 |
mllewellyn |
sseng_:that link didn't bring up a record |
| 17:41 |
sseng_ |
mllewellyn: how about this one? http://lccn.loc.gov/86101942 |
| 17:41 |
mllewellyn |
sseng_:never mind, I copied and pasted and got there. |
| 17:42 |
mllewellyn |
sseng_:hmm, I'm not sure about Barnstable County as a corporate author for this work. |
| 17:43 |
sseng_ |
mllewellyn: here's more "author" results from a browse from LC: http://catalog.loc.gov/vwebv/search?searchType=7&searchId=9974&maxResultsPerPage=25&recCount=25&recPointer=0&resultPointer=0& |
| 17:44 |
mllewellyn |
sseng_:but I don't see a reason for it to be flipped to 151 |
| 17:45 |
mllewellyn |
sseng_:that other link isn't working for me, even copied and pasted. Is there more after 0&? |
| 17:46 |
mllewellyn |
sseng_:I looked at that first record on OCLC where the 710 is linked to an auth record, and when I click on the heading, it takes me to the 151 heading. |
| 17:46 |
mllewellyn |
sseng_:so I guess it's legit. |
| 17:47 |
sseng_ |
mllewellyn: it's a bit confusing to me at this time :/ |
| 17:47 |
sseng_ |
mllewellyn: I sent in a question to LOC detailing this example, hopefully will get an explanation |
| 17:47 |
mllewellyn |
sseng_:good luck. I'd be interested in the answer, too. |
| 17:48 |
sseng_ |
mllewellyn: yep, will share, maybe in the mailing list when there's a response for this |
| 17:52 |
|
npoolos joined #evergreen |
| 17:54 |
npoolos |
I am looking at a crash we had overnight. There was some SQL injection attacks logged. Where does evergreen do query validation/SQL inject mitigation? |
| 18:04 |
|
Callender_ joined #evergreen |
| 19:41 |
|
dcook joined #evergreen |
| 20:00 |
jeff |
npoolos: do you have reason to believe that the SQL injection attempts were successful in any way? |
| 20:03 |
jeff |
npoolos: if you have enough details that you believe you have a security-related bug to report, https://bugs.launchpad.net/evergreen is the place -- marking the bug as "security" is desired. |
| 20:04 |
jeff |
npoolos: but to (partially) answer your other question, much (but not all) of the protections against SQL injection are dealt with by Evergreen API methods using json_query to construct parameterized queries. |
| 20:05 |
jeff |
others with more time at the moment may answer in more detail -- i've a few things pulling me away from irc at the moment. |
| 20:07 |
npoolos |
jeff: Thanks. No proof. Just odd we have had the same sort of crash about 6 months ago. SQL timing and injection attempts look similar. I'll take a look at the json_query code. |
| 20:09 |
npoolos |
I was wondering if there was a good place to build a mod_security config from. |
| 22:00 |
|
wsmoak joined #evergreen |
