| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
| |
Bug: T353458
Change-Id: I35864ad9bd48701703c51367d62f8ebde963c52d
|
| |
|
|
|
|
|
|
| |
Use modern php syntax to call a callable.
Reduce the stack trace to improve performance
and better IDE and static analyzer support
Change-Id: I9ef131032a662a3b8db69aa7079dbd51f88f575a
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Same as Ia294bf4 did for 1-line comments. This patch removes slightly
more complex 2-line PHPDoc comments that don't add any new information
to the code, but literally repeat what the code already says.
They say "don't document the code, code the documentation", and we
are doing this more and more. We just tend to forget to remove the
obsolete comments.
Note I'm also removing a line of text in a few cases when it's very
short and literally says the same as the method name. Again, such
comments add zero new information.
Change-Id: I01535404bab458c6c47e48e5456403b7a64198ed
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
I assume these are all either auto-generated by an IDE or the
language-level type declarations have been added later. In any case
the comments don't add any new information to what the code already
says. This is just extra clutter that makes the code harder to read,
I would argue.
There are many, many more comments like this. In this patch I
intentionally focus on the most trivial 1-line comments.
Change-Id: Ia294bf4ce0d8a77036842fe25884bc175c2b0e7d
|
| |
|
|
|
|
|
|
|
|
|
| |
Allow passing a SelectQueryBuilder to BatchRowIterator,
instead of passing only table names and then setting all
other query info using custom methods.
Hopefully offering this more familiar interface will make
BatchRowIterator easier to use.
Change-Id: I87f81ba693e0a74d414342fa5ffc2eac0bcfdf11
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Why:
- MimeAnalyzer needs ZipDirectoryReader, but it was not part of libs.
This was a problem because libs code must note depend on MediaWiki code.
Since there seem to be no other users of ZipDirectoryReader, the
simplest solution seems to be to move ZipDirectoryReader into the
Wikimedia\Mime library.
What:
- Moved ZipDirectoryReader and ZipDirectoryReaderError into
the Wikimedia\Mime namespace under includes/libs/mime.
Bug: T382910
Bug: T364652
Change-Id: Iccdade8dcd3211b7e2df2e50694da8d97c82b59e
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
MWCryptHKDF was added ten years ago (in af66c04d39ad96a0), and as far as
I can tell, it was never used anywhere. It seems unlikely that CryptHKDF
will be used in the future, at least in its current form, for several
reasons:
* PHP 7.1.2+ has hash_hkdf(), so HKDF() would not be needed.
* At the time MWCryptHKDF was created, access to a CSPRNG was dependent
on server configuration: operating system, enabled PHP extensions,
open_basedir, etc. The "clock drift" RNG used as a last resort was not
considered to be secure or fast enough for generating large amounts of
output.[1] random_bytes(), added in PHP 7, changed the situation.
* Depleting the input pool of Linux's RNG is no longer a concern; there
is no more blocking output pool for /dev/random.[2][3] In 2022, this
change and others, including some that improved performance,[4] were
backported to stable kernels as old as 4.9.[5]
* $wgAuthenticationTokenVersion obviated the primary use case of
quickly resetting the user_token field for all users, assuming all
the existing tokens are unique.
* CryptHKDF seems to perform much slower than random_bytes(), at least
on Linux, making it pointless to use given that the other reasons for
its existence no longer apply.
[1]: https://bots.wmflabs.org/logs/%23mediawiki-core/20161004.txt
[2]: https://lwn.net/Articles/808575/
[3]: https://lore.kernel.org/all/cover.1577088521.git.luto@kernel.org/
[4]: https://www.zx2c4.com/projects/linux-rng-5.17-5.18/
[5]: https://lore.kernel.org/all/Yo3pmh9hiUFtQz77@zx2c4.com/T/
Change-Id: I29136fad826341d21728671aa30285d5551f1162
|
| |
|
|
| |
Change-Id: I27b9a19ab952ede1267921bd042af0fe1c89e228
|
| |
|
|
|
|
|
|
|
|
|
| |
Implicitly marking parameter $... as nullable is deprecated in php8.4,
the explicit nullable type must be used instead
Created with autofix from Ide15839e98a6229c22584d1c1c88c690982e1d7a
Break one long line in SpecialPage.php
Bug: T376276
Change-Id: I807257b2ba1ab2744ab74d9572c9c3d3ac2a968e
|
| |
|
|
|
| |
Bug: T353458
Change-Id: I49c843c9d8f6459c0fbf774afeea7a82fa564b59
|
| |
|
|
|
| |
Bug: T353458
Change-Id: If0137003ab625017d322d57870448a02569668c3
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Callers should not catch an unchecked exception, so it doesn't belong
in a function signature. Unchecked exceptions indicate a coding error,
which by definition the code will not be able to handle correctly.
If any of these exceptions were supposed to be in response to an edge
case, user input, or initial conditions, then they should be changed
to a runtime error. If the exception class cannot be changed, then
the annotation should include a comment explaining its purpose and
prognosis.
Bug: T240672
Change-Id: I2e640b9737cb68090a8e1cb70067d1b74037d647
|
| |
|
|
| |
Change-Id: I5e47ecd560218df7e48af68e6aee351bc2a57823
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add doc-typehints to class properties found by the PropertyDocumentation
sniff to improve the documentation.
Once the sniff is enabled it avoids that new code is missing type
declarations. This is focused on documentation and does not change code.
Improve a mixed type to string
Change-Id: Id994553eaeac181775ac782423ff53928ad45466
|
| |/
|
|
|
|
|
| |
Unused since addition of class property in 6906724935 (r100779)
Unused since dynamic creation in 0a21e2de12 (r82783)
Change-Id: I72c7dab67ef12d229fb232311e404467260d742d
|
| |
|
|
|
|
|
|
| |
This touches various production classes and maintenance scripts.
The code should do the exact same as before. The main benefit is that
the syntax avoids any repetition.
Change-Id: I5c552125469f4d7fb5b0fe494d198951b05eb35f
|
| |
|
|
|
| |
Bug: T353458
Change-Id: Id3202c0c4f4a2043bf97b7caee081acab684155c
|
| |
|
|
|
|
|
|
|
| |
And deprecated aliases for the the no namespaced classes.
ReplicatedBagOStuff that already is deprecated isn't moved.
Bug: T353458
Change-Id: Ie01962517e5b53e59b9721e9996d4f1ea95abb51
|
| |
|
|
|
|
|
| |
Changes to the use statements done automatically via script
Addition of missing use statement done manually
Change-Id: Ic4d4dd61de5ab896fb6173eb579c81f164a1e4a3
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
In PHP 8, but not in PHP 7.4, every class with a __toString() function
implicitly implements the Stringable interface. Therefore, the
behavior of checks like "instanceof Stringable" differs between these
PHP versions when such classes are involved. Make every such class
implement the interface so that the behavior will be consistent.
The PHP 7.4 fallback for the Stringable interface is provided by
symfony/polyfill-php80.
Change-Id: I3f0330c2555c7d3bf99b654ed3c0b0303e257ea1
|
| |
|
|
|
|
|
|
|
| |
This patch introduces a namespace declaration for the
Wikimedia\FileBackend to FileBackend and establishes a class
alias marked as deprecated since version 1.43.
Bug: T353458
Change-Id: Id897687b1d679fd7d179e3a32e617aae10ebff33
|
| |
|
|
|
|
|
|
|
| |
This patch introduces a namespace declaration for the
MediaWiki\Json to FormatJson and establishes a class
alias marked as deprecated since version 1.43.
Bug: T353458
Change-Id: I5e1311e4eb7a878a7db319b725ae262f40671c32
|
| |
|
|
|
|
|
|
|
| |
This cases cannot benefit from the SelectQueryBuilder as each argument
get processed by hooks with fix signature or coming from abstract
functions providing the arguments separate.
Bug: T344971
Change-Id: I6490caae3984efaae81bd2583220a7dd1c3b371d
|
| |
|
|
|
| |
Bug: T353458
Change-Id: I99d728bd111ff882220cd175ff09d4da20b81eae
|
| |
|
|
|
|
|
|
| |
Fix the real issues found by this sniff, and convert the remaining
false positive ignores to per-line ignores so that any more real issues
won't be added.
Change-Id: I18e75d59df327e2d93a3a487c115e92b9f268722
|
| |
|
|
| |
Change-Id: I228f4d6fbf8195ca50b770e916dc09a40383ca1b
|
| |
|
|
|
|
| |
As well as make use of the ??= operator where it makes sense.
Change-Id: I7d9aea8c4b985613016a918b7e0c87d2e0ffd01b
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On my Windows machine, I was getting the following Phan warning:
includes\utils\GitInfo.php:159 UnusedPluginSuppression
Plugin BuiltinSuppressionPlugin suppresses issue
PhanPluginDuplicateArrayKey on this line but this
suppression is unused or suppressed elsewhere
Indeed, this isn't a PhanPluginDuplicateArrayKey issue on Windows,
since DIRECTORY_SEPARATOR is `\`; but it is a legitimate warning
on other systems where DIRECTORY_SEPARATOR is `/`.
Refactor the code slightly so as to not create an array with
potentially duplicate keys.
Change-Id: I4be38aa9fefde26d58139d74a85359961229baec
|
| |
|
|
| |
Change-Id: I7f85d931d3b79da23e87b4e5692b2e14be8fcaa0
|
| |
|
|
|
| |
Bug: T353458
Change-Id: I088cbc53fbcdb974e5b05b45a62e91709dacc024
|
| |
|
|
|
|
|
|
|
|
|
| |
* Switch out raw Exceptions, mostly for InvalidArgumentExceptions.
* Fake exceptions triggered to give Monolog a backtrace are for
some reason "traditionally" RuntimeExceptions, instead, so we
continue to use that pattern in remaining locations.
* Just entirely give up on PostgresResultWrapper's resource vs. object mess.
* Drop now-unneeded false positive hits.
Change-Id: Id183ab60994cd9c6dc80401d4ce4de0ddf2b3da0
|
| |
|
|
|
| |
Bug: T353458
Change-Id: I4dbef138fd0110c14c70214282519189d70c94fb
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes the code quit a bit more readable, I believe.
strpos is especially confusing because it can return false when a
string doesn't contain the needle, as well as 0 when the string
starts with the needle. This is sometimes used as a feature (i.e. to
check if a string contains the needle, but doesn't start with it),
but that's not the case here.
A slightly more complicated change is made in TitleTest. But this is
only in a test and should verify itself when the test still succeeds.
Change-Id: I355ad1dc8e1725ae7a1eb652ec047ce7ff589cdf
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Some less trivial cases. Also update variable names.
This doesn't really change anything, but I hope it helps promote
getConnectionProvider() as the common way to do this.
Follow-up to 8604c384f624273f46b653ec252ffaed30e6ff89.
Change-Id: I6657d783375fac5c7fa856b884ff1fb09285e94c
|
| |/
|
|
|
| |
Bug: T328220
Change-Id: Ic45438d9e6bbf127f1415add81ab902044765840
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Helps bot operators adhere to the principle of least privileges.
Grants can now be restricted to allow editing (and other write
operations) for upto 25 listed pages. The page IDs are persisted within
the bp_restrictions field of bot_passwords table, and in the session
metadata.
This restriction is checked only as part of expensive checks in
PermissionManager, since they are not applicable for UI actions.
Bug: T349957
Change-Id: I3d228eb97664d040a160c5b742d9176fdfae9a43
|
| |
|
|
|
|
|
|
|
|
|
| |
Earlier, loadDataFromRequest() returned MWRestrictions object only in
case of valid input, and the original string if invalid. Now, an
MWRestrictions object is returned in all cases, on which we now have a
validity field. This also de-duplicates the check to find the invalid IP
address(es).
Bug: T349957
Change-Id: Iadb762b572cf0e7d2b92dbc4912804a3ddb48e74
|
| |
|
|
| |
Change-Id: I44ad0e48835bbe963bfc921b71dd8a1b48eaced1
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Avoid calling the SpecialPage code directly in e.g. an API module.
* Remove unused method "getGitCurrentBranch" on internal class
without deprecation.
* Mark "getGitHeadSha1" as hard-deprecation first, as there are
(unfortunately) two direct callers in Codesearch.
* Reduce indirection of non-configurable $IP and $wgBaseDirectory
variables in favour of MW_INSTALL_PATH or GitInfo::repo().
* Move potentially duplicate brief and ingroup from file doc
to class doc. See also
<https://gerrit.wikimedia.org/r/q/message:ingroup+owner:Krinkle>
Add example of LocalSettings.php use case, based on the
original 36b1172147 (I2a76662bb4) commit message.
* Remove use of AtEase (T253461).
* Fix potential Windows bug where only backslash was replaced, since
that is the canonical path separator, but for this use case, regular
slash should (also) be substituted since most contexts on Windows
nowadays support that as well, e.g. \foo/bar and \foo\bar are
equivalent on Windows.
Change-Id: Ib2c89461edc358404544e4236a7a2dc5699b8d4e
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Instead of replacing 1 character at a time the functions used here
can replace sequences of any length. This can dramatically reduce the
function call overhead.
Also make use of the `fn ()` syntax because we can.
Change-Id: I2dbc2271aa7847d9b687703f837cb0d850596ef0
|
| |/
|
|
|
|
| |
Suggested by phan, available since php7.4
Change-Id: Ic372ba9abb14de1196b89fca079e99168464eb06
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This hack was originally added to wfParseUrl
as a fix for T10324 specifically for LinkFilter,
however according to the RFC 3986 this is wrong.
RFC defines that in URLs the authority component
must start with //, so in urls without //, e.g. news:
or mailto: there is no authority component, and thus
no host component, everything after : is actually a path,
so default PHP parse_url is correct.
RFC even has an example:
> For example, the URI <mailto:fred@example.com>
has a path of "fred@example.com".
It's fairly ugly to just copy-paste the hack
into LinkFilter, but I didn't find an easy and
elegant way to rewrite it without making any
changes to the link indexes values stored in the DB.
See https://datatracker.ietf.org/doc/html/rfc3986
Co-Authored-by: 沈澄心 <dringsim@qq.com>
Change-Id: I3dd04495db9c7a66f62c3914c0eff06754b7d560
|
| | |
| |
| |
| |
| | |
Bug: T166010
Change-Id: I7257302b485588af31384d4f7fc8e30551f161f1
|
| |/
|
|
|
|
|
| |
This has been approved as part of RFC T166010
Bug: T321882
Change-Id: I6bbdbbe6ea48cc1f50bc568bb8780fc7c5361a6f
|
| |
|
|
| |
Change-Id: I7fd16236c60cb5e1f2d09b9bdb09df130d345c71
|
| |
|
|
| |
Change-Id: I5ffbe7fc4bd1fec1ff4e4e86b8e11f69b11c1b6d
|
