Page MenuHomestyx hydra
Files F1455615

No OneTemporary
Actions

View Options

diff --git a/src/applications/config/controller/PhabricatorConfigWelcomeController.php b/src/applications/config/controller/PhabricatorConfigWelcomeController.php
index 37442c2375..a3ef29bbc8 100644
--- a/src/applications/config/controller/PhabricatorConfigWelcomeController.php
+++ b/src/applications/config/controller/PhabricatorConfigWelcomeController.php
@@ -1,421 +1,411 @@
<?php
final class PhabricatorConfigWelcomeController
extends PhabricatorConfigController {
public function handleRequest(AphrontRequest $request) {
$viewer = $request->getViewer();
$nav = $this->buildSideNavView();
$nav->selectFilter('welcome/');
$title = pht('Welcome');
$crumbs = $this
->buildApplicationCrumbs()
->addTextCrumb(pht('Welcome'));
$nav->setCrumbs($crumbs);
$nav->appendChild($this->buildWelcomeScreen($request));
return $this->buildApplicationPage(
$nav,
array(
'title' => $title,
));
}
public function buildWelcomeScreen(AphrontRequest $request) {
$viewer = $request->getUser();
$this->requireResource('config-welcome-css');
$content = pht(
"=== Install Phabricator ===\n\n".
"You have successfully installed Phabricator. This screen will guide ".
"you through configuration and orientation. ".
"These steps are optional, and you can go through them in any order. ".
"If you want to get back to this screen later on, you can find it in ".
"the **Config** application under **Welcome Screen**.");
$setup = array();
$setup[] = $this->newItem(
$request,
'fa-check-square-o green',
$content);
$issues_resolved = !PhabricatorSetupCheck::getOpenSetupIssueKeys();
$setup_href = PhabricatorEnv::getURI('/config/issue/');
if ($issues_resolved) {
$content = pht(
"=== Resolve Setup Issues ===\n\n".
"You've resolved (or ignored) all outstanding setup issues. ".
"You can review issues in the **Config** application, under ".
"**[[ %s | Setup Issues ]]**.",
$setup_href);
$icon = 'fa-check-square-o green';
} else {
$content = pht(
"=== Resolve Setup Issues ===\n\n".
"You have some unresolved setup issues to take care of. Click ".
"the link in the yellow banner at the top of the screen to see ".
"them, or find them in the **Config** application under ".
"**[[ %s | Setup Issues ]]**. ".
"Although most setup issues should be resolved, sometimes an issue ".
"is not applicable to an install. ".
"If you don't intend to fix a setup issue (or don't want to fix ".
"it for now), you can use the \"Ignore\" action to mark it as ".
"something you don't plan to deal with.",
$setup_href);
$icon = 'fa-warning red';
}
$setup[] = $this->newItem(
$request,
$icon,
$content);
$configs = id(new PhabricatorAuthProviderConfigQuery())
->setViewer(PhabricatorUser::getOmnipotentUser())
->execute();
$auth_href = PhabricatorEnv::getURI('/auth/');
$have_auth = (bool)$configs;
if ($have_auth) {
$content = pht(
"=== Login and Registration ===\n\n".
"You've configured at least one authentication provider, so users ".
"can register or log in. ".
"To configure more providers or adjust settings, use the ".
"**[[ %s | Auth Application ]]**.",
$auth_href);
$icon = 'fa-check-square-o green';
} else {
$content = pht(
"=== Login and Registration ===\n\n".
"You haven't configured any authentication providers yet. ".
"Authentication providers allow users to register accounts and ".
"log in to Phabricator. You can configure Phabricator to accept ".
"credentials like username and password, LDAP, or Google OAuth. ".
"You can configure authentication using the ".
"**[[ %s | Auth Application ]]**.",
$auth_href);
$icon = 'fa-warning red';
}
$setup[] = $this->newItem(
$request,
$icon,
$content);
$config_href = PhabricatorEnv::getURI('/config/');
// Just load any config value at all; if one exists the install has figured
// out how to configure things.
$have_config = (bool)id(new PhabricatorConfigEntry())->loadAllWhere(
'1 = 1 LIMIT 1');
if ($have_config) {
$content = pht(
"=== Configure Phabricator Settings ===\n\n".
"You've configured at least one setting from the web interface. ".
"To configure more settings later, use the ".
"**[[ %s | Config Application ]]**.",
$config_href);
$icon = 'fa-check-square-o green';
} else {
$content = pht(
"=== Configure Phabricator Settings ===\n\n".
'Many aspects of Phabricator are configurable. To explore and '.
'adjust settings, use the **[[ %s | Config Application ]]**.',
$config_href);
$icon = 'fa-info-circle';
}
$setup[] = $this->newItem(
$request,
$icon,
$content);
$settings_href = PhabricatorEnv::getURI('/settings/');
$prefs = $viewer->loadPreferences()->getPreferences();
$have_settings = !empty($prefs);
if ($have_settings) {
$content = pht(
"=== Adjust Account Settings ===\n\n".
"You've adjusted at least one setting on your account. ".
"To make more adjustments, visit the ".
"**[[ %s | Settings Application ]]**.",
$settings_href);
$icon = 'fa-check-square-o green';
} else {
$content = pht(
"=== Adjust Account Settings ===\n\n".
'You can configure settings for your account by clicking the '.
'wrench icon in the main menu bar, or visiting the '.
'**[[ %s | Settings Application ]]** directly.',
$settings_href);
$icon = 'fa-info-circle';
}
$setup[] = $this->newItem(
$request,
$icon,
$content);
$dashboard_href = PhabricatorEnv::getURI('/dashboard/');
$have_dashboard = (bool)PhabricatorDashboardInstall::getDashboard(
$viewer,
PhabricatorHomeApplication::DASHBOARD_DEFAULT,
'PhabricatorHomeApplication');
if ($have_dashboard) {
$content = pht(
"=== Customize Home Page ===\n\n".
"You've installed a default dashboard to replace this welcome screen ".
"on the home page. ".
"You can still visit the welcome screen here at any time if you ".
"have steps you want to complete later, or if you feel lonely. ".
"If you've changed your mind about the dashboard you installed, ".
"you can install a different default dashboard with the ".
"**[[ %s | Dashboards Application ]]**.",
$dashboard_href);
$icon = 'fa-check-square-o green';
} else {
$content = pht(
"=== Customize Home Page ===\n\n".
"When you're done setting things up, you can create a custom ".
"dashboard and install it. Your dashboard will replace this ".
"welcome screen on the Phabricator home page. ".
"Dashboards can show users the information that's most important to ".
"your organization. You can configure them to display things like: ".
"a custom welcome message, a feed of recent activity, or a list of ".
"open tasks, waiting reviews, recent commits, and so on. ".
"After you install a default dashboard, it will replace this page. ".
"You can find this page later by visiting the **Config** ".
"application, under **Welcome Page**. ".
"To get started building a dashboard, use the ".
"**[[ %s | Dashboards Application ]]**. ",
$dashboard_href);
$icon = 'fa-info-circle';
}
$setup[] = $this->newItem(
$request,
$icon,
$content);
$apps_href = PhabricatorEnv::getURI('/applications/');
$content = pht(
"=== Explore Applications ===\n\n".
"Phabricator is a large suite of applications that work together to ".
"help you develop software, manage tasks, and communicate. A few of ".
"the most commonly used applications are pinned to the left navigation ".
"bar by default.\n\n".
"To explore all of the Phabricator applications, adjust settings, or ".
"uninstall applications you don't plan to use, visit the ".
"**[[ %s | Applications Application ]]**. You can also click the ".
"**Applications** button in the left navigation menu, or search for an ".
"application by name in the main menu bar. ",
$apps_href);
$explore = array();
$explore[] = $this->newItem(
$request,
'fa-globe',
$content);
- $support_href = PhabricatorEnv::getDoclink('Give Feedback! Get Support!');
- $content = pht(
- "=== Need Help with Setup? ===\n\n".
- 'Having trouble getting something set up? See '.
- '**[[ %s | Give Feedback! Get Support! ]]** for ways to get in touch '.
- 'to get answers to questions, report bugs, and request features.',
- $support_href);
-
- $explore[] = $this->newItem(
- $request,
- 'fa-life-ring',
- $content);
+ // TODO: Restore some sort of "Support" link here, but just nuke it for
+ // now as we figure stuff out.
$differential_uri = PhabricatorEnv::getURI('/differential/');
$differential_create_uri = PhabricatorEnv::getURI(
'/differential/diff/create/');
$differential_all_uri = PhabricatorEnv::getURI('/differential/query/all/');
$differential_user_guide = PhabricatorEnv::getDoclink(
'Differential User Guide');
$differential_vs_uri = PhabricatorEnv::getDoclink(
'User Guide: Review vs Audit');
$quick = array();
$quick[] = $this->newItem(
$request,
'fa-gear',
pht(
"=== Quick Start: Code Review ===\n\n".
"Review code with **[[ %s | Differential ]]**. ".
"Engineers can use Differential to share, review, and approve ".
"changes to source code. ".
"To get started with code review:\n\n".
" - **[[ %s | Create a Revision ]]** //(Copy and paste a diff from ".
" the command line into the web UI to quickly get a feel for ".
" review.)//\n".
" - **[[ %s | View All Revisions ]]**\n\n".
"For more information, see these articles in the documentation:\n\n".
" - **[[ %s | Differential User Guide ]]**, for a general overview ".
" of Differential.\n".
" - **[[ %s | User Guide: Review vs Audit ]]**, for a discussion ".
" of different code review workflows.",
$differential_uri,
$differential_create_uri,
$differential_all_uri,
$differential_user_guide,
$differential_vs_uri));
$maniphest_uri = PhabricatorEnv::getURI('/maniphest/');
$maniphest_create_uri = PhabricatorEnv::getURI('/maniphest/task/create/');
$maniphest_all_uri = PhabricatorEnv::getURI('/maniphest/query/all/');
$quick[] = $this->newItem(
$request,
'fa-anchor',
pht(
"=== Quick Start: Bugs and Tasks ===\n\n".
"Track bugs and tasks in Phabricator with ".
"**[[ %s | Maniphest ]]**. ".
"Users in all roles can use Maniphest to manage current and ".
"planned work and to track bugs and issues. ".
"To get started with bugs and tasks:\n\n".
" - **[[ %s | Create a Task ]]**\n".
" - **[[ %s | View All Tasks ]]**\n",
$maniphest_uri,
$maniphest_create_uri,
$maniphest_all_uri));
$pholio_uri = PhabricatorEnv::getURI('/pholio/');
$pholio_create_uri = PhabricatorEnv::getURI('/pholio/new/');
$pholio_all_uri = PhabricatorEnv::getURI('/pholio/query/all/');
$quick[] = $this->newItem(
$request,
'fa-camera-retro',
pht(
"=== Quick Start: Design Review ===\n\n".
"Review proposed designs with **[[ %s | Pholio ]]**. ".
"Designers can use Pholio to share images of what they're working on ".
"and show off things they've made. ".
"To get started with design review:\n\n".
" - **[[ %s | Create a Mock ]]**\n".
" - **[[ %s | View All Mocks ]]**",
$pholio_uri,
$pholio_create_uri,
$pholio_all_uri));
$diffusion_uri = PhabricatorEnv::getURI('/diffusion/');
$diffusion_create_uri = PhabricatorEnv::getURI('/diffusion/create/');
$diffusion_all_uri = PhabricatorEnv::getURI('/diffusion/query/all/');
$diffusion_user_guide = PhabricatorEnv::getDoclink('Diffusion User Guide');
$diffusion_setup_guide = PhabricatorEnv::getDoclink(
'Diffusion User Guide: Repository Hosting');
$quick[] = $this->newItem(
$request,
'fa-code',
pht(
"=== Quick Start: Repositories ===\n\n".
"Manage and browse source code repositories with ".
"**[[ %s | Diffusion ]]**. ".
"Engineers can use Diffusion to browse and audit source code. ".
"You can configure Phabricator to host repositories, or have it ".
"track existing repositories hosted elsewhere (like GitHub, ".
"Bitbucket, or an internal server). ".
"To get started with repositories:\n\n".
" - **[[ %s | Create a New Repository ]]**\n".
" - **[[ %s | View All Repositories ]]**\n\n".
"For more information, see these articles in the documentation:\n\n".
" - **[[ %s | Diffusion User Guide ]]**, for a general overview of ".
" Diffusion.\n".
" - **[[ %s | Diffusion User Guide: Repository Hosting ]]**, ".
" for instructions on configuring repository hosting.\n\n".
"Phabricator supports Git, Mercurial and Subversion.",
$diffusion_uri,
$diffusion_create_uri,
$diffusion_all_uri,
$diffusion_user_guide,
$diffusion_setup_guide));
$header = id(new PHUIHeaderView())
->setHeader(pht('Welcome to Phabricator'));
$setup_header = PhabricatorMarkupEngine::renderOneObject(
id(new PhabricatorMarkupOneOff())
->setContent(pht('=Setup and Configuration')),
'default',
$viewer);
$explore_header = PhabricatorMarkupEngine::renderOneObject(
id(new PhabricatorMarkupOneOff())
->setContent(pht('=Explore Phabricator')),
'default',
$viewer);
$quick_header = PhabricatorMarkupEngine::renderOneObject(
id(new PhabricatorMarkupOneOff())
->setContent(pht('=Quick Start Guides')),
'default',
$viewer);
return id(new PHUIDocumentView())
->setHeader($header)
->setFluid(true)
->appendChild($setup_header)
->appendChild($setup)
->appendChild($explore_header)
->appendChild($explore)
->appendChild($quick_header)
->appendChild($quick);
}
private function newItem(AphrontRequest $request, $icon, $content) {
$viewer = $request->getUser();
$icon = id(new PHUIIconView())
->setIconFont($icon.' fa-2x');
$content = PhabricatorMarkupEngine::renderOneObject(
id(new PhabricatorMarkupOneOff())->setContent($content),
'default',
$viewer);
$icon = phutil_tag(
'div',
array(
'class' => 'config-welcome-icon',
),
$icon);
$content = phutil_tag(
'div',
array(
'class' => 'config-welcome-content',
),
$content);
$view = phutil_tag(
'div',
array(
'class' => 'config-welcome-box grouped',
),
array(
$icon,
$content,
));
return $view;
}
}
diff --git a/src/applications/config/option/PhabricatorSecurityConfigOptions.php b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
index b8ff3ccc48..8baea2e664 100644
--- a/src/applications/config/option/PhabricatorSecurityConfigOptions.php
+++ b/src/applications/config/option/PhabricatorSecurityConfigOptions.php
@@ -1,330 +1,325 @@
<?php
final class PhabricatorSecurityConfigOptions
extends PhabricatorApplicationConfigOptions {
public function getName() {
return pht('Security');
}
public function getDescription() {
return pht('Security options.');
}
public function getFontIcon() {
return 'fa-lock';
}
public function getGroup() {
return 'core';
}
public function getOptions() {
- $support_href = PhabricatorEnv::getDoclink('Give Feedback! Get Support!');
-
$doc_href = PhabricatorEnv::getDoclink('Configuring a File Domain');
$doc_name = pht('Configuration Guide: Configuring a File Domain');
// This is all of the IANA special/reserved blocks in IPv4 space.
$default_address_blacklist = array(
'0.0.0.0/8',
'10.0.0.0/8',
'100.64.0.0/10',
'127.0.0.0/8',
'169.254.0.0/16',
'172.16.0.0/12',
'192.0.0.0/24',
'192.0.2.0/24',
'192.88.99.0/24',
'192.168.0.0/16',
'198.18.0.0/15',
'198.51.100.0/24',
'203.0.113.0/24',
'224.0.0.0/4',
'240.0.0.0/4',
'255.255.255.255/32',
);
return array(
$this->newOption('security.alternate-file-domain', 'string', null)
->setLocked(true)
->setSummary(pht('Alternate domain to serve files from.'))
->setDescription(
pht(
'By default, Phabricator serves files from the same domain '.
'the application is served from. This is convenient, but '.
'presents a security risk.'.
"\n\n".
'You should configure a CDN or alternate file domain to mitigate '.
'this risk. Configuring a CDN will also improve performance. See '.
'[[ %s | %s ]] for instructions.',
$doc_href,
$doc_name))
->addExample('https://files.phabcdn.net/', pht('Valid Setting')),
$this->newOption(
'security.hmac-key',
'string',
'[D\t~Y7eNmnQGJ;rnH6aF;m2!vJ8@v8C=Cs:aQS\.Qw')
->setHidden(true)
->setSummary(
pht('Key for HMAC digests.'))
->setDescription(
pht(
'Default key for HMAC digests where the key is not important '.
'(i.e., the hash itself is secret). You can change this if you '.
'want (to any other string), but doing so will break existing '.
'sessions and CSRF tokens.')),
$this->newOption('security.require-https', 'bool', false)
->setLocked(true)
->setSummary(
pht('Force users to connect via HTTPS instead of HTTP.'))
->setDescription(
pht(
"If the web server responds to both HTTP and HTTPS requests but ".
"you want users to connect with only HTTPS, you can set this ".
"to true to make Phabricator redirect HTTP requests to HTTPS.\n\n".
"Normally, you should just configure your server not to accept ".
"HTTP traffic, but this setting may be useful if you originally ".
"used HTTP and have now switched to HTTPS but don't want to ".
"break old links, or if your webserver sits behind a load ".
"balancer which terminates HTTPS connections and you can not ".
"reasonably configure more granular behavior there.\n\n".
"IMPORTANT: Phabricator determines if a request is HTTPS or not ".
"by examining the PHP `%s` variable. If you run ".
"Apache/mod_php this will probably be set correctly for you ".
"automatically, but if you run Phabricator as CGI/FCGI (e.g., ".
"through nginx or lighttpd), you need to configure your web ".
"server so that it passes the value correctly based on the ".
"connection type.",
"\$_SERVER['HTTPS']"))
->setBoolOptions(
array(
pht('Force HTTPS'),
pht('Allow HTTP'),
)),
$this->newOption('security.require-multi-factor-auth', 'bool', false)
->setLocked(true)
->setSummary(
pht('Require all users to configure multi-factor authentication.'))
->setDescription(
pht(
'By default, Phabricator allows users to add multi-factor '.
'authentication to their accounts, but does not require it. '.
'By enabling this option, you can force all users to add '.
'at least one authentication factor before they can use their '.
'accounts.'))
->setBoolOptions(
array(
pht('Multi-Factor Required'),
pht('Multi-Factor Optional'),
)),
$this->newOption(
'phabricator.csrf-key',
'string',
'0b7ec0592e0a2829d8b71df2fa269b2c6172eca3')
->setHidden(true)
->setSummary(
pht('Hashed with other inputs to generate CSRF tokens.'))
->setDescription(
pht(
'This is hashed with other inputs to generate CSRF tokens. If '.
'you want, you can change it to some other string which is '.
'unique to your install. This will make your install more secure '.
'in a vague, mostly theoretical way. But it will take you like 3 '.
'seconds of mashing on your keyboard to set it up so you might '.
'as well.')),
$this->newOption(
'phabricator.mail-key',
'string',
'5ce3e7e8787f6e40dfae861da315a5cdf1018f12')
->setHidden(true)
->setSummary(
pht('Hashed with other inputs to generate mail tokens.'))
->setDescription(
pht(
"This is hashed with other inputs to generate mail tokens. If ".
"you want, you can change it to some other string which is ".
"unique to your install. In particular, you will want to do ".
"this if you accidentally send a bunch of mail somewhere you ".
"shouldn't have, to invalidate all old reply-to addresses.")),
$this->newOption(
'uri.allowed-protocols',
'set',
array(
'http' => true,
'https' => true,
'mailto' => true,
))
->setSummary(
pht('Determines which URI protocols are auto-linked.'))
->setDescription(
pht(
"When users write comments which have URIs, they'll be ".
"automatically linked if the protocol appears in this set. This ".
"whitelist is primarily to prevent security issues like ".
"%s URIs.",
'javascript://'))
->addExample("http\nhttps", pht('Valid Setting'))
->setLocked(true),
$this->newOption(
'uri.allowed-editor-protocols',
'set',
array(
'http' => true,
'https' => true,
// This handler is installed by Textmate.
'txmt' => true,
// This handler is for MacVim.
'mvim' => true,
// Unofficial handler for Vim.
'vim' => true,
// Unofficial handler for Sublime.
'subl' => true,
// Unofficial handler for Emacs.
'emacs' => true,
// This isn't a standard handler installed by an application, but
// is a reasonable name for a user-installed handler.
'editor' => true,
))
->setSummary(pht('Whitelists editor protocols for "Open in Editor".'))
->setDescription(
pht(
- "Users can configure a URI pattern to open files in a text ".
- "editor. The URI must use a protocol on this whitelist.\n\n".
- "(If you use an editor which defines a protocol not on this ".
- "list, [[ %s | let us know ]] and we'll update the defaults.)",
- $support_href))
+ 'Users can configure a URI pattern to open files in a text '.
+ 'editor. The URI must use a protocol on this whitelist.'))
->setLocked(true),
$this->newOption(
'celerity.resource-hash',
'string',
'd9455ea150622ee044f7931dabfa52aa')
->setSummary(
pht('An input to the hash function when building resource hashes.'))
->setDescription(
pht(
'This value is an input to the hash function when building '.
'resource hashes. It has no security value, but if you '.
'accidentally poison user caches (by pushing a bad patch or '.
'having something go wrong with a CDN, e.g.) you can change this '.
'to something else and rebuild the Celerity map to break user '.
'caches. Unless you are doing Celerity development, it is '.
'exceptionally unlikely that you need to modify this.')),
$this->newOption('remarkup.enable-embedded-youtube', 'bool', false)
->setBoolOptions(
array(
pht('Embed YouTube videos'),
pht("Don't embed YouTube videos"),
))
->setSummary(
pht('Determines whether or not YouTube videos get embedded.'))
->setDescription(
pht(
"If you enable this, linked YouTube videos will be embedded ".
"inline. This has mild security implications (you'll leak ".
"referrers to YouTube) and is pretty silly (but sort of ".
"awesome).")),
$this->newOption(
'security.outbound-blacklist',
'list<string>',
$default_address_blacklist)
->setLocked(true)
->setSummary(
pht(
'Blacklist subnets to prevent user-initiated outbound '.
'requests.'))
->setDescription(
pht(
'Phabricator users can make requests to other services from '.
'the Phabricator host in some circumstances (for example, by '.
'creating a repository with a remote URL or having Phabricator '.
'fetch an image from a remote server).'.
"\n\n".
'This may represent a security vulnerability if services on '.
'the same subnet will accept commands or reveal private '.
'information over unauthenticated HTTP GET, based on the source '.
'IP address. In particular, all hosts in EC2 have access to '.
'such a service.'.
"\n\n".
'This option defines a list of netblocks which Phabricator '.
'will decline to connect to. Generally, you should list all '.
'private IP space here.'))
->addExample(array('0.0.0.0/0'), pht('No Outbound Requests')),
$this->newOption('security.strict-transport-security', 'bool', false)
->setLocked(true)
->setBoolOptions(
array(
pht('Use HSTS'),
pht('Do Not Use HSTS'),
))
->setSummary(pht('Enable HTTP Strict Transport Security (HSTS).'))
->setDescription(
pht(
'HTTP Strict Transport Security (HSTS) sends a header which '.
'instructs browsers that the site should only be accessed '.
'over HTTPS, never HTTP. This defuses an attack where an '.
'adversary gains access to your network, then proxies requests '.
'through an unsecured link.'.
"\n\n".
'Do not enable this option if you serve (or plan to ever serve) '.
'unsecured content over plain HTTP. It is very difficult to '.
'undo this change once users\' browsers have accepted the '.
'setting.')),
);
}
protected function didValidateOption(
PhabricatorConfigOption $option,
$value) {
$key = $option->getKey();
if ($key == 'security.alternate-file-domain') {
$uri = new PhutilURI($value);
$protocol = $uri->getProtocol();
if ($protocol !== 'http' && $protocol !== 'https') {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The URI must start with ".
"'%s' or '%s'.",
$key,
'http://',
'https://'));
}
$domain = $uri->getDomain();
if (strpos($domain, '.') === false) {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The URI must contain a dot ('.'), ".
"like '%s', not just a bare name like '%s'. ".
"Some web browsers will not set cookies on domains with no TLD.",
$key,
'http://example.com/',
'http://example/'));
}
$path = $uri->getPath();
if ($path !== '' && $path !== '/') {
throw new PhabricatorConfigValidationException(
pht(
"Config option '%s' is invalid. The URI must NOT have a path, ".
"e.g. '%s' is OK, but '%s' is not. Phabricator must be installed ".
"on an entire domain; it can not be installed on a path.",
$key,
'http://phabricator.example.com/',
'http://example.com/phabricator/'));
}
}
}
}
diff --git a/src/docs/user/userguide/arcanist.diviner b/src/docs/user/userguide/arcanist.diviner
index 41613db968..f1c4545956 100644
--- a/src/docs/user/userguide/arcanist.diviner
+++ b/src/docs/user/userguide/arcanist.diviner
@@ -1,182 +1,177 @@
@title Arcanist User Guide
@group userguide
Guide to Arcanist, a command-line interface to Phabricator.
Arcanists provides command-line access to many Phabricator tools (like
Differential, Files, and Paste), integrates with static analysis ("lint") and
unit tests, and manages common workflows like getting changes into Differential
for review.
A detailed command reference is available by running `arc help`. This
document provides an overview of common workflows and installation.
Arcanist has technical, contributor-focused documentation here:
<https://secure.phabricator.com/book/arcanist/>
= Quick Start =
A quick start guide is available at @{article:Arcanist Quick Start}. It provides
a much more compact summary of how to get `arc` set up and running for a new
project. You may want to start there, and return here if you need more
information.
= Overview =
Arcanist is a wrapper script that sits on top of other tools (e.g.,
Differential, linters, unit test frameworks, git, Mercurial, and SVN) and
provides a simple command-line API to manage code review and some related
revision control operations.
For a detailed list of all available commands, run:
$ arc help
For detailed information about a specific command, run:
$ arc help <command>
Arcanist allows you to do things like:
- get detailed help about available commands with `arc help`
- send your code to Differential for review with `arc diff` (for detailed
instructions, see @{article:Arcanist User Guide: arc diff})
- show pending revision information with `arc list`
- find likely reviewers for a change with `arc cover`
- apply changes in a revision to the working copy with `arc patch`
- download a patch from Differential with `arc export`
- update Git commit messages after review with `arc amend`
- commit SVN changes with `arc commit`
- push Git and Mercurial changes with `arc land`
- view enhanced information about Git branches with `arc branch`
Once you've configured lint and unit test integration, you can also:
- check your code for syntax and style errors with `arc lint`
(see @{article:Arcanist User Guide: Lint})
- run unit tests that cover your changes with `arc unit`
Arcanist integrates with other tools:
- upload and download files with `arc upload` and `arc download`
- create and view pastes with `arc paste`
Arcanist has some advanced features as well, you can:
- execute Conduit method calls with `arc call-conduit`
- create or update libphutil libraries with `arc liberate`
- activate tab completion with `arc shell-complete`
- ...or extend Arcanist and add new commands.
Except where otherwise noted, these workflows are generally agnostic to the
underlying version control system and will work properly in git, Mercurial, or
SVN repositories.
= Installing Arcanist =
Arcanist is meant to be installed on your local machine or development server --
whatever machine you're editing code on. It runs on:
- Linux;
- Other operating systems which are pretty similar to Linux, or which
Linux is pretty similar to;
- FreeBSD, a fine operating system held in great esteem by many;
- Mac OS X (see @{article:Arcanist User Guide: Mac OS X}); and
- Windows (see @{article:Arcanist User Guide: Windows}).
Arcanist is written in PHP, so you need to install the PHP CLI first if you
don't already have it. Arcanist should run on PHP 5.2 and newer. If you don't
have PHP installed, you can download it from <http://www.php.net/>.
To install Arcanist, pick an install directory and clone the code from GitHub:
some_install_path/ $ git clone https://github.com/phacility/libphutil.git
some_install_path/ $ git clone https://github.com/phacility/arcanist.git
This should leave you with a directory structure like this
some_install_path/ # Wherever you chose to install it.
arcanist/ # Arcanist-specific code and libraries.
libphutil/ # A shared library Arcanist depends upon.
Now add `some_install_path/arcanist/bin/` to your PATH environment variable.
When you type "arc", you should see something like this:
Usage Exception: No command provided. Try 'arc help'.
If you get that far, you've done things correctly. If you get an error or have
trouble getting this far, see these detailed guides:
- On Windows: @{article:Arcanist User Guide: Windows}
- On Mac OS X: @{article:Arcanist User Guide: Mac OS X}
You can later upgrade Arcanist and libphutil to the latest versions with
`arc upgrade`:
$ arc upgrade
== Installing Arcanist for a Team ==
Arcanist changes quickly, so it can be something of a headache to get it
installed and keep people up to date. Here are some approaches you might be
able to use:
- Facebook does most development on development servers, which have a standard
environment and NFS mounts. Arcanist and libphutil themselves live on an
NFS mount, and the default `.bashrc` adds them to the PATH. Updating the
mount source updates everyone's versions, and new employees have a working
`arc` when they first log in.
- Another common approach is to write an install script as an action into
existing build scripts, so users can run `make install-arc` or
`ant install-arc` or similar.
- - In general, if this sucks and is causing you pain, let us know (see
- @{article:Give Feedback! Get Support!}). We're planning to improve this at
- some point, but it's somewhat complicated to get right. While it can take a
- little time to set up, we aren't getting feedback that it's a persistent
- pain point, so it hasn't been a priority.
== Installing Tab Completion ==
If you use `bash`, you can set up tab completion by adding something like this
to your `.bashrc`, `.profile` or similar:
source /path/to/arcanist/resources/shell/bash-completion
== Configuration ==
Some Arcanist commands can be configured. This configuration is read from
several sources:
# A customization can force any setting with
@{method@arcanist:ArcanistWorkingCopyIdentity::setRuntimeConfig}.
# User can specify settings for working copy in `arc/config` file located in
VCS directory (e.g. `.git/arc/config`) in JSON format. This file can also be
modified by running `arc set-config --local`.
# Repository can specify its config in `.arcconfig` in JSON format.
# User can specify the settings in `~/.arcrc` (JSON) through the `config` key.
This file can be modified also by `arc set-config --global`.
# Machine can specify the settings with `/etc/arcconfig` (JSON). On Windows,
the file path is `C:\ProgramData\Phabricator\Arcanist\config`.
The first place where the setting is defined wins.
Existing settings can be printed with `arc get-config`.
== Next Steps ==
Continue by:
- setting up a new project for use with `arc`, with
@{article:Arcanist User Guide: Configuring a New Project}; or
- learning how to use `arc` to send changes for review with
@{article:Arcanist User Guide: arc diff}.
Advanced topics are also available. These are detailed guides to configuring
technical features of `arc` that refine its behavior. You do not need to read
them to get it working.
- @{article:Arcanist User Guide: Commit Ranges}
- @{article:Arcanist User Guide: Lint}
- @{article:Arcanist User Guide: Customizing Existing Linters}
- @{article:Arcanist User Guide: Customizing Lint, Unit Tests and Workflows}
- @{article:Arcanist User Guide: Code Coverage}
diff --git a/src/docs/user/userguide/audit.diviner b/src/docs/user/userguide/audit.diviner
index cff9b73e1b..9c2f752b08 100644
--- a/src/docs/user/userguide/audit.diviner
+++ b/src/docs/user/userguide/audit.diviner
@@ -1,108 +1,104 @@
@title Audit User Guide
@group userguide
Guide to the Audit (post-push code review) tool and workflow.
= Overview =
Phabricator supports two code review workflows, "review" (pre-push) and
"audit" (post-push). To understand the differences between the two, see
@{article:User Guide: Review vs Audit}.
This document summarizes the post-push "audit" workflow implemented by the
creatively-named //Audit// tool.
-NOTE: The audit workflow is new, give us feedback about it! See
-@{article:Give Feedback! Get Support!}.
-
= How Audit Works =
Using auditing allows you to push and deploy code without waiting for code
review, while still doing code review eventually. The Audit tool primarily keeps
track of two things:
- **Commits** and their audit state (like "Not Audited", "Approved", or
"Concern Raised").
- **Audit Requests** which ask a user (or some other entity) to audit a
commit. These can be triggered in a number of ways (see below).
In the Audit tool's home screen (at `/audit/`) and on the homepage you can see
commits and requests that require your action:
- **Required Audits** are open audit requests that require you, a project
you are a member of, or a package you own to audit a commit. An audit
request is closed when you approve the associated commit.
- **Problem Commits** are commits you authored which someone has raised a
concern about in audit. Problem commits go away when you satisfy all the
auditors and get them to "Approve" the commit.
For example:
- Evan creates commit `abcdef1234` and pushes it to the remote.
- This triggers an audit request to Bob through some mechanism (see below for
a description of trigger mechanisms).
- Later, Bob logs into Phabricator and sees the audit request on his homepage.
- Bob clicks through and examines the commit. He notices a problem, so he
selects "Raise Concern" and describes the issue in a comment.
- Evan receives an email that Bob has raised a concern about his commit. He
opts not to deal with it immediately.
- Later, Evan logs into Phabricator and sees the commit on his homepage
under "Problem Commits".
- Evan resolves the issue somehow (e.g., by discussing it with Bob, or fixing
it in another commit).
- Now satisfied, Bob "Accepts" the original commit.
- This causes the request to disappear from Bob's queue, and the commit to
disappear from Evan's queue.
= Audit Triggers =
Audit requests can be triggered in a number of ways:
- If you put `Auditors: username1, username2` in your commit message, it will
trigger an audit request to those users when you push it to a tracked
branch.
- You can create rules in Herald that trigger audits based on properties
of the commit -- like the files it touches, the text of the change, the
author, etc.
- You can create an audit request for yourself by commenting on any commit.
- You can create an Owners package and select "Enable Auditing" (this is an
advanced feature which is only likely to be useful for very large teams).
= Audits in Small Teams =
If you have a small team and don't need complicated trigger rules, you can set
up a simple audit workflow like this:
- Create a new Project, "Code Audits".
- Create a new global Herald rule for Commits, which triggers an audit by
the "Code Audits" project for every commit where "Differential Revision"
"does not exist" (this will allow you to transition partly or fully to
review later if you want).
- Have every engineer join the "Code Audits" project.
This way, everyone will see an audit request for every commit, but it will be
dismissed if anyone approves it. Effectively, this enforces the rule "every
commit should have //someone// look at it".
Once your team gets bigger, you can refine this ruleset so that developers see
only changes that are relevant to them.
= Audit Tips =
- When viewing a commit, audit requests you are responsible for are
highlighted. You are responsible for a request if it's a user request
and you're that user, or if it's a project request and you're a member
of the project, or if it's a package request and you're a package owner.
Any action you take will update the state of all the requests you're
responsible for.
- You can leave inline comments by clicking the line numbers in the diff.
- You can leave a comment across multiple lines by dragging across the line
numbers.
- Inline comments are initially saved as drafts. They are not submitted until
you submit a comment at the bottom of the page.
- Press "?" to view keyboard shortcuts.
= Next Steps =
- - Learn more about Herald at @{article:Herald User Guide}; or
- - give us feedback at @{article:Give Feedback! Get Support!}.
+ - Learn more about Herald at @{article:Herald User Guide}.
diff --git a/src/docs/user/userguide/differential.diviner b/src/docs/user/userguide/differential.diviner
index 92f93a3015..edf992f720 100644
--- a/src/docs/user/userguide/differential.diviner
+++ b/src/docs/user/userguide/differential.diviner
@@ -1,69 +1,68 @@
@title Differential User Guide
@group userguide
Guide to the Differential (pre-push code review) tool and workflow.
= Overview =
Phabricator supports two code review workflows, "review" (pre-push) and
"audit" (post-push). To understand the differences between the two, see
@{article:User Guide: Review vs Audit}.
This document summarizes the pre-push "review" workflow implemented by the tool
//Differential//.
= How Review Works =
Code review in Phabricator is a lightweight, asynchronous web-based process. If
you are familiar with GitHub, it is similar to how pull requests work:
- An author prepares a change to a codebase, then sends it for review. They
specify who they want to review it (additional users may be notified as
well, see below). The change itself is called a "Differential Revision".
- The reviewers receive an email asking them to review the change.
- The reviewers inspect the change and either discuss it, approve it, or
request changes (e.g., if they identify problems or bugs).
- In response to feedback, the author may update the change (e.g., fixing
the bugs or addressing the problems).
- Once everything is satisfied, some reviewer accepts the change and the
author pushes it to the upstream.
The Differential home screen shows two sets of revisions:
- **Action Required** is revisions you are the author of or a reviewer for,
which you need to review, revise, or push.
- **Waiting on Others** is revisions you are the author of or a reviewer for,
which someone else needs to review, revise, or push.
= Creating Revisions =
The preferred way to create revisions in Differential is with `arc`
(see @{article:Arcanist User Guide}). You can also create revisions from the
web interface, by navigating to Differential, pressing the "Create Revision"
button, and pasting a diff in.
= Herald Rules =
If you're interested in keeping track of changes to certain parts of a codebase
(e.g., maybe changes to a feature or changes in a certain language, or there's
just some intern who you don't trust) you can write a Herald rule to
automatically CC you on any revisions which match rules (like content, author,
files affected, etc.)
= Differential Tips =
- You can leave inline comments by clicking the line numbers in the diff.
- You can leave a comment across multiple lines by dragging across the line
numbers.
- Inline comments are initially saved as drafts. They are not submitted until
you submit a comment at the bottom of the page.
- Press "?" to view keyboard shortcuts.
= Next Steps =
- Read the FAQ at @{article:Differential User Guide: FAQ}; or
- learn about handling large changesets at
@{article:Differential User Guide: Large Changes}; or
- learn about test plans at @{article:Differential User Guide: Test Plans}; or
- - learn more about Herald at @{article:Herald User Guide}; or
- - give us feedback at @{article:Give Feedback! Get Support!}.
+ - learn more about Herald at @{article:Herald User Guide}.
diff --git a/src/docs/user/userguide/phame.diviner b/src/docs/user/userguide/phame.diviner
index 83cd91f2cf..0de225c49f 100644
--- a/src/docs/user/userguide/phame.diviner
+++ b/src/docs/user/userguide/phame.diviner
@@ -1,63 +1,59 @@
@title Phame User Guide
@group userguide
Journal about your thoughts and feelings. Share with others. Profit.
= Overview =
+IMPORTANT: Phame is a prototype application.
+
Phame is a simple blogging platform. You can write drafts which only you can
see. Later, you can publish these drafts as posts which anyone who can access
the Phabricator instance can see. You can also add posts to blogs to increase
your distribution.
Overall, Phame is intended to help an individual spread their message. As
such, pertinent design decisions skew towards favoring the individual
rather than the collective.
= Drafts =
Drafts are completely private so draft away.
= Posts =
Posts are accessible to anyone who has access to the Phabricator instance.
= Blogs =
Blogs are collections of posts. Each blog has associated metadata like
a name, description, and set of bloggers who can add posts to the blog.
Each blogger can also edit metadata about the blog and delete the blog
outright.
NOTE: removing a blogger from a given blog does not remove their posts that
are already associated with the blog. Rather, it removes their ability to edit
metadata about and add posts to the blog.
Blogs can be useful for powering external websites, like
blog.yourcompany.com
by making pertinent configuration changes with your DNS authority and
Phabricator instance. For the Phabricator instance, you must
- Enable `policy.allow-public` in Phabricator configuration.
- Configure the blog to have the view policy `public`.
For your DNS authority, simply point the pertinent domain name at your
Phabricator instance. e.g. by IP address.
= Comment Widgets =
Phame supports comment widgets from Facebook and Disqus. The administrator
of the Phabricator instance must properly configure Phabricator to enable
this functionality.
A given comment widget is tied 1:1 with a given post. This means the same
instance of a given comment widget will appear for a given post regardless
of whether that post is being viewed in the context of a blog.
-
-= Next Steps =
-
- - Phame is extremely new and very basic for now. Give us feedback on
- what you'd like to see improve! See @{article:Give Feedback! Get
- Support!}.
diff --git a/src/docs/user/userguide/phriction.diviner b/src/docs/user/userguide/phriction.diviner
index f3eaa4dffb..60ad6357fe 100644
--- a/src/docs/user/userguide/phriction.diviner
+++ b/src/docs/user/userguide/phriction.diviner
@@ -1,12 +1,10 @@
@title Phriction User Guide
@group userguide
Construct a detailed written history of your civilization.
-= Overview =
+Overview
+========
Phriction is a simple wiki. You can edit pages, and the text you write will stay
there. Other people can see it later.
-
-NOTE: Phriction is extremely new and very basic for now. Give us feedback on
-what you'd like to see improve! See @{article:Give Feedback! Get Support!}.

File Metadata

Mime Type
text/x-diff
Expires
Fri, Nov 14, 9:34 AM (1 d, 14 h)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
336915
Default Alt Text
(48 KB)

Event Timeline

styx copyright 2020 sirocyl / ellie (kymkdd) / ncommander / styx contributors
Use of other names and brands is not intended to reflect a claim of, or right to, use the name or brand.
styx is an operating system using the Linux kernel and components, and "styx Linux" as a phrase does not reflect the inclusion of the Linux brand or trademark in the styx project.
Linux® is the registered trademark of Linus Torvalds in the U.S. and other countries.
Terms and Conditions (TODO: fix this!)