| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Bug: T353458
Change-Id: I088cbc53fbcdb974e5b05b45a62e91709dacc024
|
| |
|
|
|
|
|
|
|
|
|
| |
* Switch out raw Exceptions, mostly for InvalidArgumentExceptions.
* Fake exceptions triggered to give Monolog a backtrace are for
some reason "traditionally" RuntimeExceptions, instead, so we
continue to use that pattern in remaining locations.
* Just entirely give up on PostgresResultWrapper's resource vs. object mess.
* Drop now-unneeded false positive hits.
Change-Id: Id183ab60994cd9c6dc80401d4ce4de0ddf2b3da0
|
| |
|
|
|
| |
Bug: T353458
Change-Id: I4dbef138fd0110c14c70214282519189d70c94fb
|
| |
|
|
|
|
|
|
| |
Also remove some unchecked exception from doc comments.
Bug: T328220
Bug: T240672
Change-Id: I88b1e948ce5da77d9c4862a2b98793d6ba00cf8b
|
| |
|
|
|
|
|
|
|
|
|
| |
This reverts commit 82da9cf14be08e9458f58fa96be51966a2fe7cb1.
Passing through Remex seems to have unexpected consequences to be
investigated but, for the sake of unbreaking the UBN, let's revert this
first.
Bug: T353920
Change-Id: Iaac7942aa77aee5ab525852ac5b41dd516ff13c9
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The previous implementation was using an ad-hoc regular expression which
was matching inside the data-mw attribute of Parsoid output, eg:
<sup about="#mwt42" [...] typeof="mw:Extension/ref mw:Error" data-mw="{"name":"ref","attrs":{"name":"infobox_stats_ref_rail"},"body":{"html":"<style data-mw-deduplicate=\"TemplateStyles:r1133582631\" typeof=\"...">
After substitution, the <link> element inserted contained " instead of
" and so broke out of the attribute.
Instead use a proper HTML tokenizer (via wikimedia/remex-html) so that
we don't allow bogus matches inside attribute values.
To fix up tests:
* Don't deduplicate styles when parsing UX messages (also helps performance)
* Don't deduplicate styles in ContentHandler integration tests
* Don't deduplicate styles by default in parser tests
(unless explicit option is set)
Depends-On: Id9801a9ff540bd818a32bc6fa35c48a9cff12d3a
Depends-On: I5111f1fdb7140948b82113adbc774af286174ab3
Followup-To: Ic0b17e361bf6eb0e71c498abc17f5f67f82318f8
Change-Id: I32d3d1772243c3819e1e1486351d16871b6e21c4
|
| |
|
|
|
|
|
| |
Most used non-namespaced class!
Bug: T353458
Change-Id: I4c2cbb0a808b3881a4d6ca489eee5d8c8ebf26cf
|
| |
|
|
|
|
|
| |
* Remove unnecessary duplicate documentation
* Code tweaks
Change-Id: I9c8c190bee58195eace08cba18a51e4572896ef7
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| | |
This allows to check also message parameters for possible JavaScript
injections.
Bug: T340201
Change-Id: I6bef28cd9c6b91713b66b40cba46e9b2dc2a1f05
|
| |/
|
|
|
|
|
|
| |
They are passed to Language::formatTimePeriod(), which accepts floats.
Phan recently learned to enforce these annotations.
Change-Id: I3e7bb0f4a79fd563b94b738bb63541da986bb87a
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Copied from MediaWikiSecurityCheckPlugin.php.
Duplicate annotations from Xml::encode* to the corresponding
Html::encode* methods, given that these were moved recently but not
hardcoded in taint-check.
As the only difference, remove the HTML taintedness type from the return
value of Message::rawParams. If the argument is unsafe, it's reported
immediately thanks to exec_html. Else, it does not contribute to the
taintedness of the return value.
Bug: T321806
Change-Id: I5ed340e1d127fb3eab6d6f9b905693d05a393360
|
| |
|
|
| |
Change-Id: Ib519de0dbcad39a1b19defaa81a957abeee4fc8f
|
| |
|
|
| |
Change-Id: Id8af4f727d1394bfae0f5736c4c69307c8f85246
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- Make it an actual service
- Make its methods non-static
- Adjust signatures and method calls
- Remove excessively verbose logging
- Use dependency injection
- Add unit tests
- In SpecialEmailUser, add a new non-static method to use for form
submission, and leave the old one for external callers only.
- Fix parameter type in the EmailUser hook. This was previously not
spotted by phan because the argument came from an array without
documented types.
Bug: T265541
Change-Id: I2322e9c3004d76b665d8eb8e0e4029411a01ef5a
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is moderately messy.
Process was principally:
* xargs rg --files-with-matches '^use Title;' | grep 'php$' | \
xargs -P 1 -n 1 sed -i -z 's/use Title;/use MediaWiki\\Title\\Title;/1'
* rg --files-without-match 'MediaWiki\\Title\\Title;' . | grep 'php$' | \
xargs rg --files-with-matches 'Title\b' | \
xargs -P 1 -n 1 sed -i -z 's/\nuse /\nuse MediaWiki\\Title\\Title;\nuse /1'
* composer fix
Then manual fix-ups for a few files that don't have any use statements.
Bug: T166010
Follows-Up: Ia5d8cb759dc3bc9e9bbe217d0fb109e2f8c4101a
Change-Id: If8fc9d0d95fc1a114021e282a706fc3e7da3524b
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The rules for how ParserOptions::getUserLang() are set are a little
baroque. When the 'uselang' option is set on the request, for example,
RequestContext::getLanguage() can differ from the user language; we
also deliberately force the "user language" to the content language
during the post-edit path to avoid having the user language leak into
the links table.
The changes in this patch make the ParserOutput::getText() calls "more
correct" but really they are just removing some uses of the global
RequestContext::getMain() from the code path, since in all of these
cases the main request context (which is what we use by default) does
have the correct language set.
For consistency, this patch also adds `allowTOC=false` in many of the
places where we already had `enableSectionEditLinks=false`; for
example, user interface messages, wikitext content injected on special
pages, etc.
Change-Id: Ib0d8c5e538e472ad672c45e5b68907242afb1e14
|
| |\ |
|
| | |
| |
| |
| |
| | |
Bug: T323104
Change-Id: Id3bfe52b8b55ac304b6b85e14951c3dbd16aa7d9
|
| |/
|
|
|
|
|
|
|
|
| |
To follow Message. This is approved as part of RFC T166010.
Also namespace it but doing it properly with PSR-4 would require
namespacing every class under language/ and that will take some time.
Bug: T321882
Change-Id: I195cf4c67bd51410556c2dd1e33cc9c1033d5d18
|
| |
|
|
|
|
| |
…and avoid the use of MWException.
Change-Id: Id07e301c3f20afa135e5469ee234a27354485652
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 27ee63f8c9d97ecc04cee0d7a29deca74b7bea5c.
Reason for revert: Serialized Messages are stored in the database
Bug: T323236
Change-Id: Ia8089201eedf3c0585bb7e970b3776a7e0882019
|
| |
|
|
|
| |
Bug: T323104
Change-Id: Id3bfe52b8b55ac304b6b85e14951c3dbd16aa7da
|
| |
|
|
|
| |
Depends-On: I3b893152ed278a72b5e74ccf91a3381f319bfcd9
Change-Id: I9f69a9316eaec23103262ec2ffd5b85baaf16f3f
|
| |
|
|
|
| |
Bug: T166010
Change-Id: Idcf0e9dc6e0841e4f132207bce0f96774dad898c
|
| |
|
|
|
|
|
|
| |
Introduced in PHP 7.1. Because it's shorter and looks nice.
I used regex replacement.
Change-Id: I0555e199d126cd44501f859cb4589f8bd49694da
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This simplifies the assignment with a Language object that fall back to
null.
The serialization of null is 2 byte shorter than the serialization of
false.
false and null are both falsey so the serialization is backward and
forward compatible.
Change-Id: Idbe21afcead4fb3973f63a4f5d7fa156457f8ca9
|
| |
|
|
| |
Change-Id: I1c6beba4ff6132b07cbf0a6c96be056509aa5eff
|
| |
|
|
|
| |
Change-Id: Ie92e4b2722692c64f38557bfcd3687168d245e8e
(cherry picked from commit eec198b245901d9a5dbe52a426e909ffbff32ac0)
|
| |
|
|
|
|
|
|
|
|
|
| |
This is mostly about adding return types to methods that implement PHP
interfaces, and not passing null to core functions that want a string.
After this patch, and an update to return types in RemexHtml,
tests/phpunit/integration/ has no more errors than in PHP 8.0.
Bug: T289879
Bug: T289926
Change-Id: Ia424f5cc897070f4188ae126b5bf6a1f552db0e1
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Move ResourceLoader classes to their own namespace. Strip the
"ResourceLoader" prefix from all except ResourceLoader itself.
Move the tests by analogy.
I used a namespace alias "RL" in some callers since RL\Module is less
ambiguous at the call site than just "Module".
I did not address DependencyStore which continues to have a non-standard
location and namespace.
Revert of a241d83e0a6dabedf.
Bug: T308718
Change-Id: Id08a220e1d6085e2b33f3f6c9d0e3935a4204659
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This edition brought to you by:
grep -ERIn $(grep -o "'[A-Za-z0-9_]*'" includes/MainConfigNames.php | tr
"\n" '|' | sed 's/|$/\n/') includes/
I only corrected a fraction of the results provided by that command. I'm
submitting the partial patch now so it doesn't bitrot.
Bug: T305805
Change-Id: If1918c0b3d88cdf90403921e4310740e206d6962
|
| |
|
|
|
|
|
|
|
| |
Make phan stricter about conditional variable declaration
Remaining false positive issues are suppressed.
The suppression and the setting change can only be done together
Bug: T259172
Change-Id: I1f200ac37df7448453688bf464a8250c97313e5d
|
| |
|
|
|
|
|
|
|
|
|
| |
Make phan stricter about null types by setting null_casts_as_any_type to
false (the default in mediawiki-phan-config)
Remaining false positive issues are suppressed.
The suppression and the setting change can only be done together
Bug: T242536
Bug: T301991
Change-Id: I0f295382b96fb3be8037a01c10487d9d591e7e01
|
| |
|
|
|
|
|
|
| |
Depends-On: I4f3b01eccf571475f1248db838a8aa6cba18b93e
Depends-On: I0a0681b332abb623fc6871ab78da9e64a79fad84
Bug: T300069
Bug: T302469
Change-Id: I45f58034117e9041fe5403dbfcf83ba25f20518d
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
As a result, when an existing Message object is passed in the $key
parameter, the function will return a clone of that object, rather
than a new Message constructed based on the key extracted from the
old message.
This is mostly relevant when the passed object is an instance of
a subclass like RawMessage or ApiMessage, but it could have other
unpredictable consequences. No test failures, though!
Change-Id: I4815e92dfaf5fbcc8c9356106738716c6b9ae0da
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This affects messages created using wfMessageFallback() and related
functions, in particular many messages used for navigation tabs in
skins.
Previous attempt in 11d7d97768fa384102eba4a530a535454ea4aa11,
reverted in c83b530f952286f10c5d9a5bf7960bb6acf7be18 due to T302469.
This attempt doesn't introduce any new placeholders to avoid that
issue.
Bug: T300069
Change-Id: Ib0e282b3864caf345e42dd7af4a529f43ae7ba67
|
| |
|
|
|
|
|
|
|
| |
This reverts commit 11d7d97768fa384102eba4a530a535454ea4aa11.
Breaking fundraising banners with regexes in them.
Bug: T302469
Change-Id: I0146a6a2907ca72792375e97a5b5392c6465614f
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
This affects messages created using wfMessageFallback() and related
functions, in particular many messages used for navigation tabs in
skins.
Bug: T300069
Change-Id: Ia8ba35419285cfa77197810ae9df99e522a0f4ba
|
| |\ \ |
|
| | |/
| |
| |
| |
| |
| |
| |
| | |
If all keys failed, instance of the last message key is returned, not first
Test: wfMessageFallback( 'x', 'y', 'z' )->text()
Change-Id: I115a626d5838240665d1f5044dbee1bac1dd5a37
|
| |/
|
|
| |
Change-Id: I1bd93f7fc1192c5291849f3a2e4c608588f316d1
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Skin::getLanguages() was consuming 4% of index.php CPU time. In local
testing, it was called three times per page view. So:
* Memoize it, analogous to the nonfunctional code in SkinVector.
* Simplify ClassicInterwikiLookup by removing the option to pass a CDB
file path. This was only ever supported by a WikimediaMaintenance
script. In the unlikely event that someone is using this feature, they
have the same motivation to switch to PHP as we did in T122362.
* Increase the size of ClassicInterwikiLookup's MapCacheLRU from 100 to
1000. This helps greatly in the case when $wgInterwikiCache is false
and more than 100 interwikis are requested and seems harmless
otherwise.
* Optimise Title::getNsText() by assuming that the canonical name of
NS_MAIN is the empty string.
* Rearrange Message::__construct() to avoid duplicate type checks.
Change-Id: I736cb74efc267fd2473a3267471735238217251c
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Don't catch and discard exceptions from the RequestTimeout library,
except when the exception is properly handled and the code seems to be
trying to wrap things up.
In most cases the exception is rethrown. Ideally it should instead be
done by narrowing the catch, and this was feasible in a few cases. But
sometimes the exception being caught is an instance of the base class
(notably DateTime::__construct()). Often Exception is the root of the
hierarchy of exceptions being thrown and so is the obvious catch-all.
Notes on specific callers:
* In the case of ResourceLoader::respond(), exceptions were caught for API
correctness, but processing continued. I added an outer try block for
timeout handling so that termination would be more prompt.
* In LCStoreCDB the Exception being caught was Cdb\Exception not
\Exception. I added an alias to avoid confusion.
* In ImageGallery I added a special exception class.
* In Message::__toString() the rationale for catching disappears
in PHP 7.4.0+, so I added a PHP version check.
* In PoolCounterRedis, let the shutdown function do its thing, but
rethrow the exception for logging.
Change-Id: I4c3770b9efc76a1ce42ed9f59329c36de04d657c
|
| |/
|
|
|
|
|
| |
ApiMessageTrait/Message/MapCacheLRU migrated so far
Bug: T299312
Change-Id: Ie126fb8808c5e6611e66fd63972682198cca0e0d
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Automatically refactors wg prefixed globals to use MediaWikiServices config using Rector. Doesn't include files that set globals or files that fail CI.
Rector Gist: https://gist.github.com/tchin25/7cc54f6d23aedef010b22e4dfbead228
* This patch uses a modified source code rector library for our specific use case and the rector will have different effects without it.
A writeup for future reference is here: https://meta.wikimedia.org/wiki/User:TChin_(WMF)/Using_Rector_On_MediaWiki
Change-Id: I1a691f01cd82e60bf41207d32501edb4b9835e37
|
| |
|
|
| |
Change-Id: I5ab88a01ba3e5ea2aae853bb6f06492fbc84ceb5
|
| |
|
|
|
| |
Bug: T254646
Change-Id: I2b120f0b9c9e1dc1a6c216bfefa3f2463efe1001
|
