path: root/docs/config-schema.yaml

# This file is automatically generated using maintenance/generateConfigSchema.php.
# Do not modify this file manually, edit includes/MainConfigSchema.php instead.
config-schema:
    ConfigRegistry:
        default:
            main: 'GlobalVarConfig::newInstance'
        type: object
        description: |-
            Registry of factory functions to create config objects:
            The 'main' key must be set, and the value should be a valid
            callable.
            @since 1.23
    Sitename:
        default: MediaWiki
        description: 'Name of the site. It must be changed in LocalSettings.php'
    Server:
        default: false
        description: |-
            URL of the server.
            **Example:**
            ```
            $wgServer = 'http://example.com';
            ```
            This must be set in LocalSettings.php. The MediaWiki installer does this
            automatically since 1.18.
            If you want to use protocol-relative URLs on your wiki, set this to a
            protocol-relative URL like '//example.com' and set $wgCanonicalServer
            to a fully qualified URL.
    CanonicalServer:
        default: false
        description: |-
            Canonical URL of the server, to use in IRC feeds and notification e-mails.
            Must be fully qualified, even if $wgServer is protocol-relative.
            Defaults to $wgServer, expanded to a fully qualified http:// URL if needed.
            @since 1.18
    ServerName:
        default: false
        description: |-
            Server name. This is automatically computed by parsing the bare
            hostname out of $wgCanonicalServer. It should not be customized.
            @since 1.24
    AssumeProxiesUseDefaultProtocolPorts:
        default: true
        type: boolean
        description: |-
            When the wiki is running behind a proxy and this is set to true, assumes that the proxy
            exposes the wiki on the standard ports (443 for https and 80 for http).
            @since 1.26
    HttpsPort:
        default: 443
        description: |-
            For installations where the canonical server is HTTP but HTTPS is optionally
            supported, you can specify a non-standard HTTPS port here. $wgServer should
            be a protocol-relative URL.
            If HTTPS is always used, just specify the port number in $wgServer.
            @see https://phabricator.wikimedia.org/T67184
            @since 1.24
    ForceHTTPS:
        default: false
        type: boolean
        description: |-
            If this is true, when an insecure HTTP request is received, always redirect
            to HTTPS. This overrides and disables the preferhttps user preference, and it
            overrides $wgSecureLogin.
            $wgServer may be either https or protocol-relative. If $wgServer starts with
            "http://", an exception will be thrown.
            If a reverse proxy or CDN is used to forward requests from HTTPS to HTTP,
            the request header "X-Forwarded-Proto: https" should be sent to suppress
            the redirect.
            In addition to setting this to true, for optimal security, the web server
            should also be configured to send Strict-Transport-Security response headers.
            @since 1.35
    ScriptPath:
        default: /wiki
        description: |-
            The path we should point to.
            It might be a virtual path in case with use apache mod_rewrite for example.
            This *needs* to be set correctly.
            Other paths will be set to defaults based on it unless they are directly
            set in LocalSettings.php
    UsePathInfo:
        dynamicDefault:
            callback: [MediaWiki\MainConfigSchema, getDefaultUsePathInfo]
        description: |-
            Whether to support URLs like index.php/Page_title.
            The effective default value is determined at runtime:
            it will be enabled in environments where it is expected to be safe.
            Override this to false if $_SERVER['PATH_INFO'] contains unexpectedly
            incorrect garbage, or to true if it is really correct.
            The default $wgArticlePath will be set based on this value at runtime, but if
            you have customized it, having this incorrectly set to true can cause
            redirect loops when "pretty URLs" are used.
            @since 1.2.1
        default: null
    Script:
        default: false
        dynamicDefault:
            use: [ScriptPath]
            callback: [MediaWiki\MainConfigSchema, getDefaultScript]
        description: |-
            The URL path to index.php.
            Defaults to "{$wgScriptPath}/index.php".
    LoadScript:
        default: false
        dynamicDefault:
            use: [ScriptPath]
            callback: [MediaWiki\MainConfigSchema, getDefaultLoadScript]
        description: |-
            The URL path to load.php.
            Defaults to "{$wgScriptPath}/load.php".
            @since 1.17
    RestPath:
        default: false
        dynamicDefault:
            use: [ScriptPath]
            callback: [MediaWiki\MainConfigSchema, getDefaultRestPath]
        description: |-
            The URL path to the REST API.
            Defaults to "{$wgScriptPath}/rest.php"
            @since 1.34
    StylePath:
        default: false
        dynamicDefault:
            use: [ResourceBasePath]
            callback: [MediaWiki\MainConfigSchema, getDefaultStylePath]
        description: |-
            The URL path of the skins directory.
            Defaults to "{$wgResourceBasePath}/skins".
            @since 1.3
    LocalStylePath:
        default: false
        dynamicDefault:
            use: [ScriptPath]
            callback: [MediaWiki\MainConfigSchema, getDefaultLocalStylePath]
        description: |-
            The URL path of the skins directory. Should not point to an external domain.
            Defaults to "{$wgScriptPath}/skins".
            @since 1.17
    ExtensionAssetsPath:
        default: false
        dynamicDefault:
            use: [ResourceBasePath]
            callback: [MediaWiki\MainConfigSchema, getDefaultExtensionAssetsPath]
        description: |-
            The URL path of the extensions directory.
            Defaults to "{$wgResourceBasePath}/extensions".
            @since 1.16
    ExtensionDirectory:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Extensions directory in the file system.
            @note Set to "{$IP}/extensions" by Setup.php before loading local settings.
            @note this configuration variable is used to locate extensions while loading settings.
            @since 1.25
    StyleDirectory:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Skins directory in the file system.
            @note Set to "{$IP}/skins" by Setup.php before loading local settings.
            @note this configuration variable is used to locate skins while loading settings.
            @since 1.3
    BaseDirectory:
        default: null
        description: |-
            Absolute filesystem path of the root directory of the MediaWiki installation.
            The MW_INSTALL_PATH environment variable can be used to set this.
            @note Automatically set in Setup.php before loading local settings.
            @note Do not modify in settings files! Must remain equal to the MW_INSTALL_PATH constant
                  defined in Setup.php.
            @since 1.38
    ArticlePath:
        default: false
        dynamicDefault:
            use: [Script, UsePathInfo]
            callback: [MediaWiki\MainConfigSchema, getDefaultArticlePath]
        description: |-
            The URL path for primary article page views. This path should contain $1,
            which is replaced by the article title.
            Defaults to "{$wgScript}/$1" or "{$wgScript}?title=$1",
            depending on $wgUsePathInfo.
    UploadPath:
        default: false
        dynamicDefault:
            use: [ScriptPath]
            callback: [MediaWiki\MainConfigSchema, getDefaultUploadPath]
        description: |-
            The URL path for the images directory.
            Defaults to "{$wgScriptPath}/images".
    ImgAuthPath:
        default: false
        description: |-
            The base path for img_auth.php. This is used to interpret the request URL
            for requests to img_auth.php that do not match the base upload path. If
            false, "{$wgScriptPath}/img_auth.php" is used.
            Normally, requests to img_auth.php have a REQUEST_URI which matches
            $wgUploadPath, and in that case, setting this should not be necessary.
            This variable is used in case img_auth.php is accessed via a different path
            than $wgUploadPath.
            @since 1.35
    ThumbPath:
        default: false
        description: |-
            The base path for thumb_handler.php. This is used to interpret the request URL
            for requests to thumb_handler.php that do not match the base upload path.
            @since 1.36
    UploadDirectory:
        default: false
        dynamicDefault:
            use: [BaseDirectory]
            callback: [MediaWiki\MainConfigSchema, getDefaultUploadDirectory]
        description: 'The filesystem path of the images directory. Defaults to "{$IP}/images".'
    FileCacheDirectory:
        default: false
        dynamicDefault:
            use: [UploadDirectory]
            callback: [MediaWiki\MainConfigSchema, getDefaultFileCacheDirectory]
        description: |-
            Directory where the cached page will be saved.
            Defaults to "{$wgUploadDirectory}/cache".
    Logo:
        default: false
        dynamicDefault:
            use: [ResourceBasePath]
            callback: [MediaWiki\MainConfigSchema, getDefaultLogo]
        description: |-
            The URL path of the wiki logo. The logo size should be 135x135 pixels.
            Defaults to "$wgResourceBasePath/resources/assets/change-your-logo.svg".
            Developers should retrieve this logo (and other variants) using
            the static function MediaWiki\ResourceLoader\SkinModule::getAvailableLogos
            Ignored if $wgLogos is set.
    Logos:
        default: false
        type:
            - object
            - boolean
        description: |-
            Specification for different versions of the wiki logo.
            This is an array which should have the following k/v pairs:
            All path values can be either absolute or relative URIs
            The `1x` key is a path to the 1x version of square logo (should be 135x135 pixels)
            The `1.5x` key is a path to the 1.5x version of square logo
            The `2x` key is a path to the 2x version of square logo
            The `svg` key is a path to the svg version of square logo
            The `icon` key is a path to the version of the logo without wordmark and tagline
            The `wordmark` key may be null or an array with the following fields
             - `src` path to wordmark version
             - `1x` path to svg wordmark version (if you want to
                support browsers with SVG support with an SVG logo)
             - `width` width of the logo in pixels
             - `height` height of the logo in pixels
            The `tagline` key may be null or array with the following fields
             - `src` path to tagline image
             - `width` width of the tagline in pixels
             - `height` height of the tagline in pixels
            @par Example:
            @code
            $wgLogos = [
               '1x' => 'path/to/1x_version.png',
               '1.5x' => 'path/to/1.5x_version.png',
               '2x' => 'path/to/2x_version.png',
               'svg' => 'path/to/svg_version.svg',
               'icon' => 'path/to/icon.png',
               'wordmark' => [
                 'src' => 'path/to/wordmark_version.png',
                 '1x' => 'path/to/wordmark_version.svg',
                 'width' => 135,
                 'height' => 20,
               ],
               'tagline' => [
                 'src' => 'path/to/tagline_version.png',
                 'width' => 135,
                 'height' => 15,
               ]
            ];
            @endcode
            Defaults to [ "1x" => $wgLogo ],
              or [ "1x" => "$wgResourceBasePath/resources/assets/change-your-logo.svg" ] if $wgLogo is not set.
            @since 1.35
    Favicon:
        default: /favicon.ico
        description: |-
            The URL path of the icon.
            @since 1.6
    AppleTouchIcon:
        default: false
        description: |-
            The URL path of the icon for iPhone and iPod Touch web app bookmarks.
            Defaults to no icon.
            @since 1.12
    ReferrerPolicy:
        default: false
        type:
            - array
            - string
            - boolean
        description: |-
            Value for the referrer policy meta tag.
            One or more of the values defined in the Referrer Policy specification:
            https://w3c.github.io/webappsec-referrer-policy/
            ('no-referrer', 'no-referrer-when-downgrade', 'same-origin',
            'origin', 'strict-origin', 'origin-when-cross-origin',
            'strict-origin-when-cross-origin', or 'unsafe-url')
            Setting it to false prevents the meta tag from being output
            (which results in falling back to the Referrer-Policy header,
            or 'no-referrer-when-downgrade' if that's not set either.)
            Setting it to an array (supported since 1.31) will create a meta tag for
            each value, in the reverse of the order (meaning that the first array element
            will be the default and the others used as fallbacks for browsers which do not
            understand it).
            @since 1.25
    TmpDirectory:
        default: false
        description: |-
            The local filesystem path to a temporary directory. This must not be web-accessible.
            When this setting is set to false, its value will automatically be decided
            through the first call to wfTempDir(). See that method's implementation for
            the actual detection logic.
            To find the temporary path for the current wiki, developers must not use
            this variable directly. Use the global function wfTempDir() instead.
            The temporary directory is expected to be shared with other applications,
            including other MediaWiki instances (which might not run the same version
            or configuration). When storing files here, take care to avoid conflicts
            with other instances of MediaWiki. For example, when caching the result
            of a computation, the file name should incorporate the input of the
            computation so that it cannot be confused for the result of a similar
            computation by another MediaWiki instance.
            @see \wfTempDir()
            @note Default changed to false in MediaWiki 1.20.
    UploadBaseUrl:
        default: ''
        description: |-
            If set, this URL is added to the start of $wgUploadPath to form a complete
            upload URL.
            @since 1.4
    UploadStashScalerBaseUrl:
        default: false
        deprecated: 'since 1.36 Use thumbProxyUrl in $wgLocalFileRepo'
        description: |-
            To enable remote on-demand scaling, set this to the thumbnail base URL.
            Full thumbnail URL will be like $wgUploadStashScalerBaseUrl/e/e6/Foo.jpg/123px-Foo.jpg
            where 'e6' are the first two characters of the MD5 hash of the file name.
            @deprecated since 1.36 Use thumbProxyUrl in $wgLocalFileRepo
            If $wgUploadStashScalerBaseUrl and thumbProxyUrl are both false, thumbs are
            rendered locally as needed.
            @since 1.17
    ActionPaths:
        default: {  }
        type: object
        description: |-
            To set 'pretty' URL paths for actions other than
            plain page views, add to this array.
            **Example:**
            Set pretty URL for the edit action:
            ```
              'edit' => "$wgScriptPath/edit/$1"
            ```
            There must be an appropriate script or rewrite rule in place to handle these URLs.
            @since 1.5
    MainPageIsDomainRoot:
        default: false
        type: boolean
        description: |-
            When enabled, the domain root will show the wiki's main page,
            instead of redirecting to the main page.
            @since 1.34
    EnableUploads:
        default: false
        description: |-
            Allow users to upload files.
            Use $wgLocalFileRepo to control how and where uploads are stored.
            Disabled by default as for security reasons.
            See <https://www.mediawiki.org/wiki/Manual:Configuring_file_uploads>.
            @since 1.5
    UploadStashMaxAge:
        default: 21600
        description: 'The maximum age of temporary (incomplete) uploaded files'
    EnableAsyncUploads:
        default: false
        description: |-
            Enable deferred upload tasks that use the job queue.
            Only enable this if job runners are set up for both the
            'AssembleUploadChunks','PublishStashedFile' and 'UploadFromUrl' job types.
    EnableAsyncUploadsByURL:
        default: false
        description: |-
            Enable the async processing of upload by url in Special:Upload.
            Only works if EnableAsyncUploads is also enabled
    UploadMaintenance:
        default: false
        description: 'To disable file delete/restore temporarily'
    IllegalFileChars:
        default: ':\/\\'
        deprecated: 'since 1.41; no longer customizable'
        description: |-
            Additional characters that are not allowed in filenames. They are replaced with '-' when
            uploading. Like $wgLegalTitleChars, this is a regexp character class.
            Slashes and backslashes are disallowed regardless of this setting, but included here for
            completeness.
            @deprecated since 1.41; no longer customizable
    DeletedDirectory:
        default: false
        dynamicDefault:
            use: [UploadDirectory]
            callback: [MediaWiki\MainConfigSchema, getDefaultDeletedDirectory]
        description: |-
            What directory to place deleted uploads in.
            Defaults to "{$wgUploadDirectory}/deleted".
    ImgAuthDetails:
        default: false
        description: 'Set this to true if you use img_auth and want the user to see details on why access failed.'
    ImgAuthUrlPathMap:
        default: {  }
        type: object
        description: |-
            Map of relative URL directories to match to internal mwstore:// base storage paths.
            For img_auth.php requests, everything after "img_auth.php/" is checked to see
            if starts with any of the prefixes defined here. The prefixes should not overlap.
            The prefix that matches has a corresponding storage path, which the rest of the URL
            is assumed to be relative to. The file at that path (or a 404) is send to the client.
            Example:
            $wgImgAuthUrlPathMap['/timeline/'] = 'mwstore://local-fs/timeline-render/';
            The above maps ".../img_auth.php/timeline/X" to "mwstore://local-fs/timeline-render/".
            The name "local-fs" should correspond by name to an entry in $wgFileBackends.
            @see self::FileBackends
    LocalFileRepo:
        default: false
        type:
            - object
            - boolean
        dynamicDefault:
            use: [UploadDirectory, ScriptPath, Favicon, UploadBaseUrl, UploadPath, HashedUploadDirectory, ThumbnailScriptPath, GenerateThumbnailOnParse, DeletedDirectory, UpdateCompatibleMetadata]
            callback: [MediaWiki\MainConfigSchema, getDefaultLocalFileRepo]
        description: |-
            File repository structures
            $wgLocalFileRepo is a single repository structure, and $wgForeignFileRepos is
            an array of such structures. Each repository structure is an associative
            array of properties configuring the repository.
            Properties required for all repos:
              - class            The class name for the repository. May come from the core or an extension.
                                 The core repository classes are FileRepo, LocalRepo, ForeignDBRepo.
              - name             A unique name for the repository (but $wgLocalFileRepo should be 'local').
                                 The name should consist of alpha-numeric characters.
            Optional common properties:
              - backend          A file backend name (see $wgFileBackends). If not specified, or
                                 if the name is not present in $wgFileBackends, an FSFileBackend
                                 will automatically be configured.
              - lockManager      If a file backend is automatically configured, this will be lock
                                 manager name used. A lock manager named in $wgLockManagers, or one of
                                 the default lock managers "fsLockManager" or "nullLockManager". Default
                                 "fsLockManager".
              - favicon          URL to a favicon. This is exposed via FileRepo::getInfo and
                                 ApiQueryFileRepoInfo. Originally for use by MediaViewer (T77093).
            For most core repos:
              - zones            Associative array of zone names that each map to an array with:
                                     container  : backend container name the zone is in
                                     directory  : root path within container for the zone
                                     url        : base URL to the root of the zone
                                     urlsByExt  : map of file extension types to base URLs
                                                  (useful for using a different cache for videos)
                                 Zones default to using "<repo name>-<zone name>" as the container name
                                 and default to using the container root as the zone's root directory.
                                 Nesting of zone locations within other zones should be avoided.
              - url              Public zone URL. The 'zones' settings take precedence.
              - hashLevels       The number of directory levels for hash-based division of files.
                                 Set this to 0 if you do not want MediaWiki to divide your images
                                 directory into many subdirectories.
                                 It is recommended to leave this enabled. In previous versions of
                                 MediaWiki, some users set this to false to allow images to be added to
                                 the wiki by copying them into $wgUploadDirectory and then running
                                 maintenance/rebuildImages.php to register them in the database.
                                 This is no longer supported, use maintenance/importImages.php instead.
                                 Default: 2.
              - deletedHashLevels
                                 Optional 'hashLevels' override for the 'deleted' zone.
              - thumbScriptUrl   The URL for thumb.php (optional, not recommended)
              - transformVia404  Whether to skip media file transformation on parse and rely on a 404
                                 handler instead.
              - thumbProxyUrl    Optional. URL of where to proxy thumb.php requests to. This is
                                 also used internally for remote thumbnailing of upload stash files.
                                 Example: http://127.0.0.1:8888/wiki/dev/thumb/
              - thumbProxySecret Optional value of the X-Swift-Secret header to use in requests to
                                 thumbProxyUrl
              - disableLocalTransform
                                 If present and true, local image scaling will be disabled. If attempted,
                                 it will show an error to the user and log an error message. To avoid an
                                 error, thumbProxyUrl must be set, as well as either transformVia404
                                 (preferred) or thumbScriptUrl.
              - initialCapital   Equivalent to $wgCapitalLinks (or $wgCapitalLinkOverrides[NS_FILE],
                                 determines whether filenames implicitly start with a capital letter.
                                 The current implementation may give incorrect description page links
                                 when the local $wgCapitalLinks and initialCapital are mismatched.
              - pathDisclosureProtection
                                 May be 'paranoid' to remove all parameters from error messages, 'none' to
                                 leave the paths in unchanged, or 'simple' to replace paths with
                                 placeholders. Default for LocalRepo is 'simple'.
              - fileMode         This allows wikis to set the file mode when uploading/moving files. Default
                                 is 0644.
              - directory        The local filesystem directory where public files are stored. Not used for
                                 some remote repos.
              - thumbDir         The base thumbnail directory. Defaults to "<directory>/thumb".
              - thumbUrl         The base thumbnail URL. Defaults to "<url>/thumb".
              - isPrivate        Set this if measures should always be taken to keep the files private.
                                 One should not trust this to assure that the files are not web readable;
                                 the server configuration should be done manually depending on the backend.
              - useJsonMetadata  Whether handler metadata should be stored in JSON format. Default: true.
              - useSplitMetadata Whether handler metadata should be split up and stored in the text table.
                                 Default: false.
              - splitMetadataThreshold
                                 If the media handler opts in, large metadata items will be split into a
                                 separate blob in the database if the item is larger than this threshold.
                                 Default: 1000
              - updateCompatibleMetadata
                                 When true, image metadata will be upgraded by reloading it from the original
                                 file, if the handler indicates that it is out of date.
                                 By default, when purging a file or otherwise refreshing file metadata, it
                                 is only reloaded when the metadata is invalid. Valid data originally loaded
                                 by a current or older compatible version is left unchanged. Enable this
                                 to also reload and upgrade metadata that was stored by an older compatible
                                 version. See also MediaHandler::isMetadataValid, and RefreshImageMetadata.
                                 Default: false.
              - reserializeMetadata
                                 If true, image metadata will be automatically rewritten to the database
                                 if its serialization format is out of date. Default: false
            These settings describe a foreign MediaWiki installation. They are optional, and will be ignored
            for local repositories:
              - descBaseUrl       URL of image description pages, e.g. https://en.wikipedia.org/wiki/File:
              - scriptDirUrl      URL of the MediaWiki installation, equivalent to $wgScriptPath, e.g.
                                  https://en.wikipedia.org/w
              - articleUrl        Equivalent to $wgArticlePath, e.g. https://en.wikipedia.org/wiki/$1
              - fetchDescription  Fetch the text of the remote file description page and display them
                                  on the local wiki.
              - abbrvThreshold    File names over this size will use the short form of thumbnail names.
                                  Short thumbnail names only have the width, parameters, and the extension.
            ForeignDBRepo:
              - dbType, dbServer, dbUser, dbPassword, dbName, dbFlags
                                  equivalent to the corresponding member of $wgDBservers
              - tablePrefix       Table prefix, the foreign wiki's $wgDBprefix
              - hasSharedCache    Set to true if the foreign wiki's $wgMainCacheType is identical to,
                                  and accessible from, this wiki.
            ForeignAPIRepo:
              - apibase              Use for the foreign API's URL
              - apiThumbCacheExpiry  How long to locally cache thumbs for
            If you leave $wgLocalFileRepo set to false, Setup will fill in appropriate values.
            Otherwise, set $wgLocalFileRepo to a repository structure as described above.
            If you set $wgUseInstantCommons to true, it will add an entry for Commons.
            If you set $wgForeignFileRepos to an array of repository structures, those will
            be searched after the local file repo.
            Otherwise, you will only have access to local media files.
            @see \FileRepo::__construct for the default options.
            @see Setup.php for an example usage and default initialization.
    ForeignFileRepos:
        default: []
        type: array
        description: |-
            Enable the use of files from one or more other wikis.
            If you operate multiple wikis, you can declare a shared upload path here.
            Uploads to the local wiki will NOT be stored here - See $wgLocalFileRepo
            and $wgUploadDirectory for that.
            The wiki will only consider the foreign repository if no file of the given name
            is found in the local repository (e.g. via `[[File:..]]` syntax).
            @since 1.11
            @see self::LocalFileRepo
    UseInstantCommons:
        default: false
        description: |-
            Use Wikimedia Commons as a foreign file repository.
            This is a shortcut for adding an entry to $wgForeignFileRepos
            for https://commons.wikimedia.org, using ForeignAPIRepo with the
            default settings.
            @since 1.16
    UseSharedUploads:
        default: false
        type: boolean
        description: |-
            Shortcut for adding an entry to $wgForeignFileRepos.
            Uses the following variables:
            - directory: $wgSharedUploadDirectory.
            - url: $wgSharedUploadPath.
            - hashLevels: Based on $wgHashedSharedUploadDirectory.
            - thumbScriptUrl: $wgSharedThumbnailScriptPath.
            - transformVia404: Based on $wgGenerateThumbnailOnParse.
            - descBaseUrl: $wgRepositoryBaseUrl.
            - fetchDescription: $wgFetchCommonsDescriptions.
            If $wgSharedUploadDBname is set, it uses the ForeignDBRepo
            class, with also the following variables:
            - dbName: $wgSharedUploadDBname.
            - dbType: $wgDBtype.
            - dbServer: $wgDBserver.
            - dbUser: $wgDBuser.
            - dbPassword: $wgDBpassword.
            - dbFlags: Based on $wgDebugDumpSql.
            - tablePrefix: $wgSharedUploadDBprefix,
            - hasSharedCache: $wgCacheSharedUploads.
            @since 1.3
    SharedUploadDirectory:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Shortcut for the 'directory' setting of $wgForeignFileRepos.
            Only used if $wgUseSharedUploads is enabled.
            @since 1.3
    SharedUploadPath:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Shortcut for the 'url' setting of $wgForeignFileRepos.
            Only used if $wgUseSharedUploads is enabled.
            @since 1.3
    HashedSharedUploadDirectory:
        default: true
        type: boolean
        description: |-
            Shortcut for the 'hashLevels' setting of $wgForeignFileRepos.
            Only used if $wgUseSharedUploads is enabled.
            @since 1.3
    RepositoryBaseUrl:
        default: 'https://commons.wikimedia.org/wiki/File:'
        description: |-
            Shortcut for the 'descBaseUrl' setting of $wgForeignFileRepos.
            Only used if $wgUseSharedUploads is enabled.
            @since 1.5
    FetchCommonsDescriptions:
        default: false
        type: boolean
        description: |-
            Shortcut for the 'fetchDescription' setting of $wgForeignFileRepos.
            Only used if $wgUseSharedUploads is enabled.
            @since 1.5
    SharedUploadDBname:
        default: false
        type:
            - boolean
            - string
        description: |-
            Shortcut for the ForeignDBRepo 'dbName' setting in $wgForeignFileRepos.
            Set this to false if the uploads do not come from a wiki.
            Only used if $wgUseSharedUploads is enabled.
            @since 1.4
    SharedUploadDBprefix:
        default: ''
        type: string
        description: |-
            Shortcut for the ForeignDBRepo 'tablePrefix' setting in $wgForeignFileRepos.
            Only used if $wgUseSharedUploads is enabled.
            @since 1.5
    CacheSharedUploads:
        default: true
        type: boolean
        description: |-
            Shortcut for the ForeignDBRepo 'hasSharedCache' setting in $wgForeignFileRepos.
            Only used if $wgUseSharedUploads is enabled.
            @since 1.5
    ForeignUploadTargets:
        default:
            - local
        type: array
        description: |-
            Array of foreign file repo names (set in $wgForeignFileRepos above) that
            are allowable upload targets. These wikis must have some method of
            authentication (i.e. CentralAuth), and be CORS-enabled for this wiki.
            The string 'local' signifies the default local file repository.
            Example:
            $wgForeignUploadTargets = [ 'shared' ];
    UploadDialog:
        default:
            fields: { description: true, date: false, categories: false }
            licensemessages: { local: generic-local, foreign: generic-foreign }
            comment: { local: '', foreign: '' }
            format: { filepage: $DESCRIPTION, description: $TEXT, ownwork: '', license: '', uncategorized: '' }
        type: object
        description: |-
            Configuration for file uploads using the embeddable upload dialog
            (https://www.mediawiki.org/wiki/Upload_dialog).
            This applies also to foreign uploads to this wiki (the configuration is loaded by remote
            wikis using the action=query&meta=siteinfo API).
            See below for documentation of each property. None of the properties may be omitted.
    FileBackends:
        default: {  }
        type: object
        description: |-
            File backend structure configuration.
            This is an array of file backend configuration arrays.
            Each backend configuration has the following parameters:
             - name        : A unique name for the backend
             - class       : The file backend class to use
             - wikiId      : A unique string that identifies the wiki (container prefix)
             - lockManager : The name of a lock manager (see $wgLockManagers) [optional]
            See FileBackend::__construct() for more details.
            Additional parameters are specific to the file backend class used.
            These settings should be global to all wikis when possible.
            FileBackendMultiWrite::__construct() is augmented with a 'template' option that
            can be used in any of the values of the 'backends' array. Its value is the name of
            another backend in $wgFileBackends. When set, it pre-fills the array with all of the
            configuration of the named backend. Explicitly set values in the array take precedence.
            There are two particularly important aspects about each backend:
              - a) Whether it is fully qualified or wiki-relative.
                   By default, the paths of files are relative to the current wiki,
                   which works via prefixing them with the current wiki ID when accessed.
                   Setting 'domainId' forces the backend to be fully qualified by prefixing
                   all paths with the specified value instead. This can be useful if
                   multiple wikis need to share the same data. Note that 'name' is *not*
                   part of any prefix and thus should not be relied upon for namespacing.
              - b) Whether it is only defined for some wikis or is defined on all
                   wikis in the wiki farm. Defining a backend globally is useful
                   if multiple wikis need to share the same data.
            One should be aware of these aspects when configuring a backend for use with
            any basic feature or plugin. For example, suppose an extension stores data for
            different wikis in different directories and sometimes needs to access data from
            a foreign wiki's directory in order to render a page on given wiki. The extension
            would need a fully qualified backend that is defined on all wikis in the wiki farm.
    LockManagers:
        default: []
        type: array
        description: |-
            List of lock manager backend configurations.
            Each backend configuration has the following parameters:
             - name  : A unique name for the lock manager
             - class : The lock manager class to use
            See LockManager::__construct() for more details.
            Additional parameters are specific to the lock manager class used.
            These settings should be global to all wikis.
    ShowEXIF:
        dynamicDefault:
            callback: [MediaWiki\MainConfigSchema, getDefaultShowEXIF]
        description: |-
            Whether to show Exif data.
            The effective default value is determined at runtime:
            enabled if PHP's EXIF extension module is loaded.
            Requires PHP's Exif extension: https://www.php.net/manual/en/ref.exif.php
            @note FOR WINDOWS USERS:
            To enable Exif functions, add the following line to the "Windows
            extensions" section of php.ini:
            ```{.ini}
            extension=extensions/php_exif.dll
            ```
        default: null
    UpdateCompatibleMetadata:
        default: false
        description: 'Shortcut for the ''updateCompatibleMetadata'' setting of $wgLocalFileRepo.'
    AllowCopyUploads:
        default: false
        description: |-
            Allow for upload to be copied from an URL.
            The timeout for copy uploads is set by $wgCopyUploadTimeout.
            You have to assign the user right 'upload_by_url' to a user group, to use this.
    CopyUploadsDomains:
        default: []
        type: array
        description: |-
            A list of domains copy uploads can come from
            @since 1.20
    CopyUploadsFromSpecialUpload:
        default: false
        description: |-
            Enable copy uploads from Special:Upload. $wgAllowCopyUploads must also be
            true. If $wgAllowCopyUploads is true, but this is false, you will only be
            able to perform copy uploads from the API or extensions (e.g. UploadWizard).
    CopyUploadProxy:
        default: false
        description: |-
            Proxy to use for copy upload requests.
            @since 1.20
    CopyUploadTimeout:
        default: false
        type:
            - boolean
            - integer
        description: |-
            Different timeout for upload by url
            This could be useful since when fetching large files, you may want a
            timeout longer than the default $wgHTTPTimeout. False means fallback
            to default.
            @since 1.22
    CopyUploadAllowOnWikiDomainConfig:
        default: false
        description: |-
            If true, the value of $wgCopyUploadsDomains will be merged with the
            contents of MediaWiki:Copyupload-allowed-domains.
            @since 1.39
    MaxUploadSize:
        default: 104857600
        description: |-
            Max size for uploads, in bytes.
            If not set to an array, applies to all uploads. If set to an array, per upload
            type maximums can be set, using the file and url keys. If the `*` key is set
            this value will be used as maximum for non-specified types.
            The below example would set the maximum for all uploads to 250 KiB except,
            for upload-by-url, which would have a maximum of 500 KiB.
            **Example:**
            ```
            $wgMaxUploadSize = [
                '*' => 250 * 1024,
                'url' => 500 * 1024,
            ];
            ```
            Default: 100 MiB.
    MinUploadChunkSize:
        default: 1024
        description: |-
            Minimum upload chunk size, in bytes.
            When using chunked upload, non-final chunks smaller than this will be rejected.
            Note that this may be further reduced by the `upload_max_filesize` and
            `post_max_size` PHP settings. Use ApiUpload::getMinUploadChunkSize to
            get the effective minimum chunk size used by MediaWiki.
            Default: 1 KiB.
            @since 1.26
            @see \ApiUpload::getMinUploadChunkSize
    UploadNavigationUrl:
        default: false
        description: |-
            Point the upload navigation link to an external URL
            Useful if you want to use a shared repository by default
            without disabling local uploads (use $wgEnableUploads = false for that).
            **Example:**
            ```
            $wgUploadNavigationUrl = 'https://commons.wikimedia.org/wiki/Special:Upload';
            ```
    UploadMissingFileUrl:
        default: false
        description: |-
            Point the upload link for missing files to an external URL, as with
            $wgUploadNavigationUrl. The URL will get "(?|&)wpDestFile=<filename>"
            appended to it as appropriate.
    ThumbnailScriptPath:
        default: false
        description: |-
            Give a path here to use thumb.php for thumbnail generation on client
            request, instead of generating them on render and outputting a static URL.
            This is necessary if some of your apache servers don't have read/write
            access to the thumbnail path.
            **Example:**
            ```
            $wgThumbnailScriptPath = "{$wgScriptPath}/thumb.php";
            ```
    SharedThumbnailScriptPath:
        default: false
        type:
            - string
            - boolean
        description: |-
            Shortcut for the 'thumbScriptUrl' setting of $wgForeignFileRepos.
            Only used if $wgUseSharedUploads is enabled.
            @since 1.3
    HashedUploadDirectory:
        default: true
        type: boolean
        description: |-
            Shortcut for setting `hashLevels=2` in $wgLocalFileRepo.
            @note Only used if $wgLocalFileRepo is not set.
    FileExtensions:
        default:
            - png
            - gif
            - jpg
            - jpeg
            - webp
        type: array
        description: |-
            This is the list of preferred extensions for uploading files. Uploading files
            with extensions not in this list will trigger a warning.
            @warning If you add any OpenOffice or Microsoft Office file formats here,
            such as odt or doc, and untrusted users are allowed to upload files, then
            your wiki will be vulnerable to cross-site request forgery (CSRF).
    ProhibitedFileExtensions:
        default:
            - html
            - htm
            - js
            - jsb
            - mhtml
            - mht
            - xhtml
            - xht
            - php
            - phtml
            - php3
            - php4
            - php5
            - phps
            - phar
            - shtml
            - jhtml
            - pl
            - py
            - cgi
            - exe
            - scr
            - dll
            - msi
            - vbs
            - bat
            - com
            - pif
            - cmd
            - vxd
            - cpl
            - xml
        type: array
        description: |-
            Files with these extensions will never be allowed as uploads.
            An array of file extensions to prevent being uploaded. You should
            append to this array if you want to prevent additional file extensions.
            @since 1.37; previously $wgFileBlacklist
    MimeTypeExclusions:
        default:
            - text/html
            - application/javascript
            - text/javascript
            - text/x-javascript
            - application/x-shellscript
            - application/x-php
            - text/x-php
            - text/x-python
            - text/x-perl
            - text/x-bash
            - text/x-sh
            - text/x-csh
            - text/scriptlet
            - application/x-msdownload
            - application/x-msmetafile
            - application/java
            - application/xml
            - text/xml
        type: array
        description: |-
            Files with these MIME types will never be allowed as uploads
            if $wgVerifyMimeType is enabled.
            @since 1.37; previously $wgMimeTypeBlacklist
    CheckFileExtensions:
        default: true
        description: |-
            This is a flag to determine whether or not to check file extensions on upload.
            @warning Setting this to false is insecure for public wikis.
    StrictFileExtensions:
        default: true
        description: |-
            If this is turned off, users may override the warning for files not covered
            by $wgFileExtensions.
            @warning Setting this to false is insecure for public wikis.
    DisableUploadScriptChecks:
        default: false
        description: |-
            Setting this to true will disable the upload system's checks for HTML/JavaScript.
            @warning THIS IS VERY DANGEROUS on a publicly editable site, so USE
            $wgGroupPermissions TO RESTRICT UPLOADING to only those that you trust
    UploadSizeWarning:
        default: false
        description: 'Warn if uploaded files are larger than this (in bytes), or false to disable'
    TrustedMediaFormats:
        default:
            - BITMAP
            - AUDIO
            - VIDEO
            - image/svg+xml
            - application/pdf
        type: array
        description: |-
            list of trusted media-types and MIME types.
            Use the MEDIATYPE_xxx constants to represent media types.
            This list is used by File::isSafeFile
            Types not listed here will have a warning about unsafe content
            displayed on the images description page. It would also be possible
            to use this for further restrictions, like disabling direct
            [[media:...]] links for non-trusted formats.
    MediaHandlers:
        default: {  }
        type: object
        description: |-
            Plugins for media file type handling.
            Each entry in the array maps a MIME type to a class name
            Core media handlers are listed in MediaHandlerFactory,
            and extensions should use extension.json.
    NativeImageLazyLoading:
        default: false
        type: boolean
        description: |-
            Toggles native image lazy loading, via the "loading" attribute.
            @unstable EXPERIMENTAL
            @since 1.34
    ParserTestMediaHandlers:
        default:
            image/jpeg: MockBitmapHandler
            image/png: MockBitmapHandler
            image/gif: MockBitmapHandler
            image/tiff: MockBitmapHandler
            image/webp: MockBitmapHandler
            image/x-ms-bmp: MockBitmapHandler
            image/x-bmp: MockBitmapHandler
            image/x-xcf: MockBitmapHandler
            image/svg+xml: MockSvgHandler
            image/vnd.djvu: MockDjVuHandler
        type: object
        description: |-
            Media handler overrides for parser tests (they don't need to generate actual
            thumbnails, so a mock will do)
    UseImageResize:
        default: true
        description: |-
            Whether to enable server-side image thumbnailing. If false, images will
            always be sent to the client in full resolution, with appropriate width= and
            height= attributes on the <img> tag for the client to do its own scaling.
    UseImageMagick:
        default: false
        description: |-
            Resizing can be done using PHP's internal image libraries or using
            ImageMagick or another third-party converter, e.g. GraphicMagick.
            These support more file formats than PHP, which only supports PNG,
            GIF, JPG, XBM and WBMP.
            Use Image Magick instead of PHP builtin functions.
    ImageMagickConvertCommand:
        default: /usr/bin/convert
        description: 'The convert command shipped with ImageMagick'
    MaxInterlacingAreas:
        default: {  }
        type: object
        description: |-
            Array of max pixel areas for interlacing per MIME type
            @since 1.27
    SharpenParameter:
        default: 0x0.4
        description: 'Sharpening parameter to ImageMagick'
    SharpenReductionThreshold:
        default: 0.85
        description: 'Reduction in linear dimensions below which sharpening will be enabled'
    ImageMagickTempDir:
        default: false
        description: |-
            Temporary directory used for ImageMagick. The directory must exist. Leave
            this set to false to let ImageMagick decide for itself.
    CustomConvertCommand:
        default: false
        description: |-
            Use another resizing converter, e.g. GraphicMagick
            %s will be replaced with the source path, %d with the destination
            %w and %h will be replaced with the width and height.
            **Example for GraphicMagick:**
            ```
            $wgCustomConvertCommand = "gm convert %s -resize %wx%h %d"
            ```
            Leave as false to skip this.
    JpegTran:
        default: /usr/bin/jpegtran
        description: |-
            used for lossless jpeg rotation
            @since 1.21
    JpegPixelFormat:
        default: yuv420
        description: |-
            At default setting of 'yuv420', JPEG thumbnails will use 4:2:0 chroma
            subsampling to reduce file size, at the cost of possible color fringing
            at sharp edges.
            See https://en.wikipedia.org/wiki/Chroma_subsampling
            Supported values:
              false - use scaling system's default (same as pre-1.27 behavior)
              'yuv444' - luma and chroma at same resolution
              'yuv422' - chroma at 1/2 resolution horizontally, full vertically
              'yuv420' - chroma at 1/2 resolution in both dimensions
            This setting is currently supported only for the ImageMagick backend;
            others may default to 4:2:0 or 4:4:4 or maintaining the source file's
            sampling in the thumbnail.
            @since 1.27
    JpegQuality:
        default: 80
        description: |-
            When scaling a JPEG thumbnail, this is the quality we request
            from the backend. It should be an integer between 1 and 100,
            with 100 indicating 100% quality.
            @since 1.32
    Exiv2Command:
        default: /usr/bin/exiv2
        description: |-
            Some tests and extensions use exiv2 to manipulate the Exif metadata in some
            image formats.
    Exiftool:
        default: /usr/bin/exiftool
        description: |-
            Path to exiftool binary. Used for lossless ICC profile swapping.
            @since 1.26
    SVGConverters:
        default:
            ImageMagick: '$path/convert -background "#ffffff00" -thumbnail $widthx$height\! $input PNG:$output'
            sodipodi: '$path/sodipodi -z -w $width -f $input -e $output'
            inkscape: '$path/inkscape -z -w $width -f $input -e $output'
            batik: 'java -Djava.awt.headless=true -jar $path/batik-rasterizer.jar -w $width -d $output $input'
            rsvg: '$path/rsvg-convert -w $width -h $height -o $output $input'
            imgserv: '$path/imgserv-wrapper -i svg -o png -w$width $input $output'
            ImagickExt: ['SvgHandler::rasterizeImagickExt']
        type: object
        description: |-
            Scalable Vector Graphics (SVG) may be uploaded as images.
            Since SVG support is not yet standard in browsers, it is
            necessary to rasterize SVGs to PNG as a fallback format.
            An external program is required to perform this conversion.
            If set to an array, the first item is a PHP callable and any further items
            are passed as parameters after $srcPath, $dstPath, $width, $height
    SVGConverter:
        default: ImageMagick
        description: 'Pick a converter defined in $wgSVGConverters'
    SVGConverterPath:
        default: ''
        description: 'If not in the executable PATH, specify the SVG converter path.'
    SVGMaxSize:
        default: 5120
        description: 'Don''t scale a SVG larger than this'
    SVGMetadataCutoff:
        default: 5242880
        description: |-
            Don't read SVG metadata beyond this point.
            Default is 5 MiB
    SVGNativeRendering:
        default: false
        type:
            - string
            - boolean
        description: |-
            Whether native rendering by the browser agent is allowed
            Default is false. Setting it to true disables all SVG conversion.
            Setting to the string 'partial' will only allow native rendering
            when the filesize is below SVGNativeRenderingSizeLimit and if the
            file contains at most 1 language.
            @since 1.41
    SVGNativeRenderingSizeLimit:
        default: 51200
        description: |-
            Filesize limit for allowing SVGs to render natively by the browser agent
            Default is 50kB.
            @since 1.41
    MediaInTargetLanguage:
        default: true
        description: |-
            Whether thumbnails should be generated in target language (usually, same as
            page language), if available.
            Currently, applies only to SVG images that use the systemLanguage attribute
            to specify text language.
            @since 1.33
    MaxImageArea:
        default: 12500000
        type:
            - string
            - integer
            - boolean
        description: |-
            The maximum number of pixels a source image can have if it is to be scaled
            down by a scaler that requires the full source image to be decompressed
            and stored in decompressed form, before the thumbnail is generated.
            This provides a limit on memory usage for the decompression side of the
            image scaler. The limit is used when scaling PNGs with any of the
            built-in image scalers, such as ImageMagick or GD. It is ignored for
            JPEGs with ImageMagick, and when using the VipsScaler extension.
            If set to false, MediaWiki will not check the size of the image before
            attempting to scale it. Extensions may still override this setting by
            using the BitmapHandlerCheckImageArea hook.
            The default is 50 MB if decompressed to RGBA form, which corresponds to
            12.5 million pixels or 3500x3500.
    MaxAnimatedGifArea:
        default: 12500000
        description: |-
            Force thumbnailing of animated GIFs above this size to a single
            frame instead of an animated thumbnail.  As of MW 1.17 this limit
            is checked against the total size of all frames in the animation.
            It probably makes sense to keep this equal to $wgMaxImageArea.
    TiffThumbnailType:
        default: []
        type: array
        mergeStrategy: replace
        description: |-
            Browsers don't support TIFF inline generally...
            For inline display, we need to convert to PNG or JPEG.
            Note scaling should work with ImageMagick, but may not with GD scaling.
            **Example:**
            ```
            // PNG is lossless, but inefficient for photos
            $wgTiffThumbnailType = [ 'png', 'image/png' ];
            // JPEG is good for photos, but has no transparency support. Bad for diagrams.
            $wgTiffThumbnailType = [ 'jpg', 'image/jpeg' ];
            ```
    ThumbnailEpoch:
        default: '20030516000000'
        description: |-
            If rendered thumbnail files are older than this timestamp, they
            will be rerendered on demand as if the file didn't already exist.
            Update if there is some need to force thumbs and SVG rasterizations
            to rerender, such as fixes to rendering bugs.
    AttemptFailureEpoch:
        default: 1
        description: |-
            Certain operations are avoided if there were too many recent failures,
            for example, thumbnail generation. Bump this value to invalidate all
            memory of failed operations and thus allow further attempts to resume.
            This is useful when a cause for the failures has been found and fixed.
    IgnoreImageErrors:
        default: false
        description: |-
            If set, inline scaled images will still produce "<img>" tags ready for
            output instead of showing an error message.
            This may be useful if errors are transitory, especially if the site
            is configured to automatically render thumbnails on request.
            On the other hand, it may obscure error conditions from debugging.
            Enable the debug log or the 'thumbnail' log group to make sure errors
            are logged to a file for review.
    GenerateThumbnailOnParse:
        default: true
        type: boolean
        description: |-
            Render thumbnails while parsing wikitext.
            If set to false, then the Parser will output valid thumbnail URLs without
            generating or storing the thumbnail files. This can significantly speed up
            processing on the web server. The site admin needs to configure a 404 handler
            in order for the URLs in question to regenerate the thumbnails in question
            on-demand. This can enable concurrency and also save computing resources
            as not every resolution of every image on every page is accessed between
            re-parses of the article. For example, re-parses triggered by bot edits,
            or cascading updates from template edits.
            If you use $wgLocalFileRepo, then you will also need to set the following:
            ```
            $wgLocalFileRepo['transformVia404'] = true;
            ```
            @since 1.7.0
    ShowArchiveThumbnails:
        default: true
        description: 'Show thumbnails for old images on the image description page'
    EnableAutoRotation:
        default: null
        type:
            - boolean
            - 'null'
        description: |-
            If set to true, images that contain certain the exif orientation tag will
            be rotated accordingly. If set to null, try to auto-detect whether a scaler
            is available that can rotate.
    Antivirus:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Internal name of virus scanner. This serves as a key to the
            $wgAntivirusSetup array. Set this to NULL to disable virus scanning. If not
            null, every file uploaded will be scanned for viruses.
    AntivirusSetup:
        default:
            clamav: { command: 'clamscan --no-summary ', codemap: { 0: 0, 1: 1, 52: -1, '*': false }, messagepattern: '/.*?:(.*)/sim' }
        type: object
        description: |-
            Configuration for different virus scanners. This an associative array of
            associative arrays. It contains one setup array per known scanner type.
            The entry is selected by $wgAntivirus, i.e.
            valid values for $wgAntivirus are the keys defined in this array.
            The configuration array for each scanner contains the following keys:
            "command", "codemap", "messagepattern":
            "command" is the full command to call the virus scanner - %f will be
            replaced with the name of the file to scan. If not present, the filename
            will be appended to the command. Note that this must be overwritten if the
            scanner is not in the system path; in that case, please set
            $wgAntivirusSetup[$wgAntivirus]['command'] to the desired command with full
            path.
            "codemap" is a mapping of exit code to return codes of the detectVirus
            function in SpecialUpload.
              - An exit code mapped to AV_SCAN_FAILED causes the function to consider
                the scan to be failed. This will pass the file if $wgAntivirusRequired
                is not set.
              - An exit code mapped to AV_SCAN_ABORTED causes the function to consider
                the file to have an unsupported format, which is probably immune to
                viruses. This causes the file to pass.
              - An exit code mapped to AV_NO_VIRUS will cause the file to pass, meaning
                no virus was found.
              - All other codes (like AV_VIRUS_FOUND) will cause the function to report
                a virus.
              - You may use "*" as a key in the array to catch all exit codes not mapped otherwise.
            "messagepattern" is a perl regular expression to extract the meaningful part of the scanners
            output. The relevant part should be matched as group one (\1).
            If not defined or the pattern does not match, the full message is shown to the user.
    AntivirusRequired:
        default: true
        description: 'Determines if a failed virus scan (AV_SCAN_FAILED) will cause the file to be rejected.'
    VerifyMimeType:
        default: true
        description: 'Determines if the MIME type of uploaded files should be checked'
    MimeTypeFile:
        default: internal
        description: |-
            Sets the MIME type definition file to use by includes/libs/mime/MimeAnalyzer.php.
            When this is set to the path of a mime.types file, MediaWiki will use this
            file to map MIME types to file extensions and vice versa, in lieu of its
            internal MIME map. Note that some MIME mappings are considered "baked in"
            and cannot be overridden. See includes/libs/mime/MimeMapMinimal.php for a
            full list.
            example: $wgMimeTypeFile = '/etc/mime.types';
    MimeInfoFile:
        default: internal
        description: |-
            Sets the MIME type info file to use by includes/libs/mime/MimeAnalyzer.php.
            Set to null to use the minimum set of built-in defaults only.
    MimeDetectorCommand:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Sets an external MIME detector program. The command must print only
            the MIME type to standard output.
            The name of the file to process will be appended to the command given here.
            If not set or NULL, PHP's mime_content_type function will be used.
            **Example:**
            ```
            #$wgMimeDetectorCommand = "file -bi"; // use external MIME detector (Linux)
            ```
    TrivialMimeDetection:
        default: false
        description: |-
            Switch for trivial MIME detection. Used by thumb.php to disable all fancy
            things, because only a few types of images are needed and file extensions
            can be trusted.
    XMLMimeTypes:
        default:
            'http://www.w3.org/2000/svg:svg': image/svg+xml
            svg: image/svg+xml
            'http://www.lysator.liu.se/~alla/dia/:diagram': application/x-dia-diagram
            'http://www.w3.org/1999/xhtml:html': text/html
            html: text/html
        type: object
        description: |-
            Additional XML types we can allow via MIME-detection.
            array = [ 'rootElement' => 'associatedMimeType' ]
    ImageLimits:
        default:
            - [320, 240]
            - [640, 480]
            - [800, 600]
            - [1024, 768]
            - [1280, 1024]
            - [2560, 2048]
        type: array
        description: |-
            Limit images on image description pages to a user-selectable limit.
            In order to reduce disk usage, limits can only be selected from this list.
            The user preference is saved as an array offset in the database, by default
            the offset is set with $wgDefaultUserOptions['imagesize']. Make sure you
            change it if you alter the array (see T10858).
            This list is also used by ImagePage for alternate size links.
    ThumbLimits:
        default:
            - 120
            - 150
            - 180
            - 200
            - 250
            - 300
        type: array
        description: |-
            Adjust thumbnails on image pages according to a user setting. In order to
            reduce disk usage, the values can only be selected from a list. This is the
            list of settings the user can choose from:
    ThumbnailNamespaces:
        default:
            - 6
        type: array
        items:
            type: integer
        description: |-
            Defines what namespaces thumbnails will be displayed for in Special:Search.
            This is the list of namespaces for which thumbnails (or a placeholder in
            the absence of a thumbnail) will be shown:
    ThumbnailBuckets:
        default: null
        type:
            - array
            - 'null'
        description: |-
            When defined, is an array of image widths used as buckets for thumbnail generation.
            The goal is to save resources by generating thumbnails based on reference buckets instead of
            always using the original. This will incur a speed gain but cause a quality loss.
            The buckets generation is chained, with each bucket generated based on the above bucket
            when possible. File handlers have to opt into using that feature. For now only BitmapHandler
            supports it.
    ThumbnailMinimumBucketDistance:
        default: 50
        description: |-
            When using thumbnail buckets as defined above, this sets the minimum distance to the bucket
            above the requested size. The distance represents how many extra pixels of width the bucket
            needs in order to be used as the reference for a given thumbnail. For example, with the
            following buckets:
            $wgThumbnailBuckets = [ 128, 256, 512 ];
            and a distance of 50:
            $wgThumbnailMinimumBucketDistance = 50;
            If we want to render a thumbnail of width 220px, the 512px bucket will be used,
            because 220 + 50 = 270 and the closest bucket bigger than 270px is 512.
    UploadThumbnailRenderMap:
        default: {  }
        type: object
        description: |-
            When defined, is an array of thumbnail widths to be rendered at upload time. The idea is to
            prerender common thumbnail sizes, in order to avoid the necessity to render them on demand,
            which has a performance impact for the first client to view a certain size.
            This obviously means that more disk space is needed per upload upfront.
            @since 1.25
    UploadThumbnailRenderMethod:
        default: jobqueue
        description: |-
            The method through which the thumbnails will be prerendered for the entries in
            $wgUploadThumbnailRenderMap
            The method can be either "http" or "jobqueue". The former uses an http request to hit the
            thumbnail's URL.
            This method only works if thumbnails are configured to be rendered by a 404 handler. The
            latter option uses the job queue to render the thumbnail.
            @since 1.25
    UploadThumbnailRenderHttpCustomHost:
        default: false
        description: |-
            When using the "http" $wgUploadThumbnailRenderMethod, lets one specify a custom Host HTTP
            header.
            @since 1.25
    UploadThumbnailRenderHttpCustomDomain:
        default: false
        description: |-
            When using the "http" $wgUploadThumbnailRenderMethod, lets one specify a custom domain to
            send the HTTP request to.
            @since 1.25
    UseTinyRGBForJPGThumbnails:
        default: false
        description: |-
            When this variable is true and JPGs use the sRGB ICC profile, swaps it for the more
            lightweight
            (and free) TinyRGB profile when generating thumbnails.
            @since 1.26
    GalleryOptions:
        default: {  }
        type: object
        description: |-
            Parameters for the "<gallery>" tag.
            Fields are:
            - imagesPerRow:   Default number of images per-row in the gallery. 0 -> Adapt to screensize
            - imageWidth:     Width of the cells containing images in galleries (in "px")
            - imageHeight:    Height of the cells containing images in galleries (in "px")
            - captionLength:  Length to truncate filename to in caption when using "showfilename".
                              A value of 'true' will truncate the filename to one line using CSS
                              and will be the behaviour after deprecation.
                              @deprecated since 1.28
            - showBytes:      Show the filesize in bytes in categories
            - showDimensions: Show the dimensions (width x height) in categories
            - mode:           Gallery mode
    ThumbUpright:
        default: 0.75
        description: |-
            Adjust width of upright images when parameter 'upright' is used
            This allows a nicer look for upright images without the need to fix the width
            by hardcoded px in wiki sourcecode.
    DirectoryMode:
        default: 511
        description: 'Default value for chmod-ing of new directories.'
    ResponsiveImages:
        default: true
        description: |-
            Generate and use thumbnails suitable for screens with 1.5 and 2.0 pixel densities.
            This means a 320x240 use of an image on the wiki will also generate 480x360 and 640x480
            thumbnails, output via the srcset attribute.
    ImagePreconnect:
        default: false
        description: |-
            Add a preconnect link for browsers to a remote FileRepo host.
            This is an optional performance enhancement designed for wiki farm where
            $wgForeignFileRepos or $wgLocalFileRepo is set to serve thumbnails from a
            separate hostname (e.g. not local `/w/images`). The feature expects at most
            a single remote hostname to be used.
            If multiple foreign repos are registered that serve images from different hostnames,
            only the first will be preconnected.
            This may cause unneeded HTTP connections in browsers on wikis where a foreign repo is
            enabled but where a local repo is more commonly used.
            @since 1.35
    DjvuUseBoxedCommand:
        default: false
        description: |-
            Whether to use BoxedCommand or not.
            @unstable Temporary feature flag for T352515
            @since 1.42
    DjvuDump:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Path of the djvudump executable
            Enable this and $wgDjvuRenderer to enable djvu rendering
            example: $wgDjvuDump = 'djvudump';
            If this is set, {@link self::ShellboxShell} must be set to the correct
            shell path.
    DjvuRenderer:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Path of the ddjvu DJVU renderer
            Enable this and $wgDjvuDump to enable djvu rendering
            example: $wgDjvuRenderer = 'ddjvu';
    DjvuTxt:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Path of the djvutxt DJVU text extraction utility
            Enable this and $wgDjvuDump to enable text layer extraction from djvu files
            example: $wgDjvuTxt = 'djvutxt';
            If this is set, {@link self::ShellboxShell} must be set to the correct
             shell path.
    DjvuPostProcessor:
        default: pnmtojpeg
        type:
            - string
            - 'null'
        description: |-
            Shell command for the DJVU post processor
            Default: pnmtojpeg, since ddjvu generates ppm output
            Set this to false to output the ppm file directly.
    DjvuOutputExtension:
        default: jpg
        description: 'File extension for the DJVU post processor output'
    EmergencyContact:
        default: false
        description: |-
            Site admin email address.
            Defaults to "wikiadmin@$wgServerName" (in Setup.php).
    PasswordSender:
        default: false
        description: |-
            Sender email address for e-mail notifications.
            The address we use as sender when a user requests a password reminder,
            as well as other e-mail notifications.
            Defaults to "apache@$wgServerName" (in Setup.php).
    NoReplyAddress:
        default: false
        description: |-
            Reply-To address for e-mail notifications.
            Defaults to $wgPasswordSender (in Setup.php).
    EnableEmail:
        default: true
        description: |-
            Set to true to enable the e-mail basic features:
            Password reminders, etc. If sending e-mail on your
            server doesn't work, you might want to disable this.
    EnableUserEmail:
        default: true
        description: |-
            Set to true to enable user-to-user e-mail.
            This can potentially be abused, as it's hard to track.
    EnableSpecialMute:
        default: false
        description: |-
            Set to true to enable the Special Mute page. This allows users
            to mute unwanted communications from other users, and is linked
            to from emails originating from Special:Email.
            @since 1.34
    EnableUserEmailMuteList:
        default: false
        description: |-
            Set to true to enable user-to-user e-mail mutelist.
            @since 1.37; previously $wgEnableUserEmailBlacklist
    UserEmailUseReplyTo:
        default: true
        description: |-
            If true put the sending user's email in a Reply-To header
            instead of From (false). ($wgPasswordSender will be used as From.)
            Some mailers (eg SMTP) set the SMTP envelope sender to the From value,
            which can cause problems with SPF validation and leak recipient addresses
            when bounces are sent to the sender. In addition, DMARC restrictions
            can cause emails to fail to be received when false.
    PasswordReminderResendTime:
        default: 24
        description: |-
            Minimum time, in hours, which must elapse between password reminder
            emails for a given account. This is to prevent abuse by mail flooding.
    NewPasswordExpiry:
        default: 604800
        description: 'The time, in seconds, when an emailed temporary password expires.'
    UserEmailConfirmationTokenExpiry:
        default: 604800
        description: 'The time, in seconds, when an email confirmation email expires'
    PasswordExpirationDays:
        default: false
        description: |-
            The number of days that a user's password is good for. After this number of days, the
            user will be asked to reset their password. Set to false to disable password expiration.
    PasswordExpireGrace:
        default: 604800
        description: |-
            If a user's password is expired, the number of seconds when they can still login,
            and cancel their password change, but are sent to the password change form on each login.
    SMTP:
        default: false
        type:
            - boolean
            - object
        description: |-
            SMTP Mode.
            For using a direct (authenticated) SMTP server connection.
            Default to false or fill an array :
            ```
            $wgSMTP = [
                'host'     => 'SMTP domain',
                'IDHost'   => 'domain for MessageID',
                'port'     => '25',
                'auth'     => [true|false],
                'username' => [SMTP username],
                'password' => [SMTP password],
            ];
            ```
    AdditionalMailParams:
        default: null
        description: 'Additional email parameters, will be passed as the last argument to mail() call.'
    AllowHTMLEmail:
        default: false
        description: |-
            For parts of the system that have been updated to provide HTML email content, send
            both text and HTML parts as the body of the email
    EnotifFromEditor:
        default: false
        type: boolean
        description: |-
            Allow sending of e-mail notifications with the editor's address as sender.
            This setting depends on $wgEnotifRevealEditorAddress also being enabled.
            If both are enabled, notifications for actions from users that have opted-in,
            will be sent to other users with their address as "From" instead of "Reply-To".
            If disabled, or not opted-in, notifications come from $wgPasswordSender.
    EmailAuthentication:
        default: true
        description: |-
            Require email authentication before sending mail to an email address.
            This is highly recommended. It prevents MediaWiki from being used as an open
            spam relay.
    EnotifWatchlist:
        default: false
        description: 'Allow users to enable email notification ("enotif") on watchlist changes.'
    EnotifUserTalk:
        default: false
        description: |-
            Allow users to enable email notification ("enotif") when someone edits their
            user talk page.
            The owner of the user talk page must also have the 'enotifusertalkpages' user
            preference set to true.
    EnotifRevealEditorAddress:
        default: false
        type: boolean
        description: |-
            Allow sending of e-mail notifications with the editor's address in "Reply-To".
            Note, enabling this only actually uses it in notification e-mails if the user
            opted-in to this feature. This feature flag also controls visibility of the
            'enotifrevealaddr' preference, which, if users opt into, will make e-mail
            notifications about their actions use their address as "Reply-To".
            To set the address as "From" instead of "Reply-To", also enable $wgEnotifFromEditor.
            If disabled, or not opted-in, notifications come from $wgPasswordSender.
    EnotifMinorEdits:
        default: true
        description: |-
            Potentially send notification mails on minor edits to pages. This is enabled
            by default.  If this is false, users will never be notified on minor edits.
            If it is true, editors with the 'nominornewtalk' right (typically bots) will still not
            trigger notifications for minor edits they make (to any page, not just user talk).
            Finally, if the watcher/recipient has the 'enotifminoredits' user preference set to
            false, they will not receive notifications for minor edits.
            User talk notifications are also affected by $wgEnotifMinorEdits, the above settings,
            $wgEnotifUserTalk, and the preference described there.
    EnotifImpersonal:
        default: false
        description: |-
            Send a generic mail instead of a personalised mail for each user.  This
            always uses UTC as the time zone, and doesn't include the username.
            For pages with many users watching, this can significantly reduce mail load.
            Has no effect when using sendmail rather than SMTP.
    EnotifMaxRecips:
        default: 500
        description: |-
            Maximum number of users to mail at once when using impersonal mail. Should
            match the limit on your mail server.
    EnotifUseRealName:
        default: false
        description: 'Use real name instead of username in e-mail "from" field.'
    UsersNotifiedOnAllChanges:
        default: {  }
        type: object
        description: |-
            Array of usernames who will be sent a notification email for every change
            which occurs on a wiki. Users will not be notified of their own changes.
    DBname:
        default: my_wiki
        description: |-
            Current wiki database name
            This should only contain alphanumeric and underscore characters ([A-Za-z0-9_]+).
            Spaces, quotes, backticks, dots, and hyphens are likely to be problematic.
            This is used to determine the current/local wiki ID (WikiMap::getCurrentWikiDbDomain).
            This should still be set even if $wgLBFactoryConf is configured.
    DBmwschema:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Current wiki database schema name
            This should only contain alphanumeric and underscore characters ([A-Za-z0-9_]+).
            Spaces, quotes, backticks, dots, and hyphens are likely to be problematic.
            This is used to determine the current/local wiki ID (WikiMap::getCurrentWikiDbDomain).
            This should still be set even if $wgLBFactoryConf is configured.
    DBprefix:
        default: ''
        description: |-
            Current wiki database table name prefix
            This should only contain alphanumeric and underscore characters ([A-Za-z0-9_]+).
            If it's a non-empty string, then it preferably should end with an underscore.
            Spaces, quotes, backticks, dots, and hyphens are especially likely to be problematic.
            This is used to determine the current/local wiki ID (WikiMap::getCurrentWikiDbDomain).
            This should still be set even if $wgLBFactoryConf is configured.
    DBserver:
        default: localhost
        description: 'Database host name or IP address'
    DBport:
        default: 5432
        description: 'Database port number'
    DBuser:
        default: wikiuser
        description: 'Database username'
    DBpassword:
        default: ''
        description: 'Database user''s password'
    DBtype:
        default: mysql
        description: 'Database type'
    DBssl:
        default: false
        description: |-
            Whether to use SSL in DB connection.
            This setting is only used if $wgLBFactoryConf['class'] is set to
            '\Wikimedia\Rdbms\LBFactorySimple' and $wgDBservers is an empty array; otherwise
            the 'ssl' parameter of the server array must be set to achieve the same functionality.
    DBcompress:
        default: false
        description: |-
            Whether to use compression in DB connection.
            This setting is only used $wgLBFactoryConf['class'] is set to
            '\Wikimedia\Rdbms\LBFactorySimple' and $wgDBservers is an empty array; otherwise
            the DBO_COMPRESS flag must be set in the 'flags' option of the database
            connection to achieve the same functionality.
    DBStrictWarnings:
        default: false
        description: |-
            Check for warnings after DB queries and throw an exception if an
            unacceptable warning is detected.
            This setting is only used if $wgLBFactoryConf['class'] is set to
            '\Wikimedia\Rdbms\LBFactorySimple' and $wgDBservers is an empty array.
            Otherwise, the 'strictWarnings' parameter of the server array must be set
            to achieve the same functionality.
            @since 1.42
    DBadminuser:
        default: null
        description: 'Separate username for maintenance tasks. Leave as null to use the default.'
    DBadminpassword:
        default: null
        description: 'Separate password for maintenance tasks. Leave as null to use the default.'
    SearchType:
        default: null
        description: |-
            Search type.
            Leave as null to select the default search engine for the
            selected database type (eg SearchMySQL), or set to a class
            name to override to a custom search engine.
            If the canonical name for the search engine doesn't match the class name
            (because it's namespaced for example), you can add a mapping for this in
            SearchMappings in extension.json.
    SearchTypeAlternatives:
        default: null
        description: |-
            Alternative search types
            Sometimes you want to support multiple search engines for testing. This
            allows users to select their search engine of choice via url parameters
            to Special:Search and the action=search API. If using this, there's no
            need to add $wgSearchType to it, that is handled automatically.
            If the canonical name for the search engine doesn't match the class name
            (because it's namespaced for example), you can add a mapping for this in
            SearchMappings in extension.json.
    DBTableOptions:
        default: 'ENGINE=InnoDB, DEFAULT CHARSET=binary'
        description: 'MySQL table options to use during installation or update'
    SQLMode:
        default: ''
        description: |-
            SQL Mode - default is turning off all modes, including strict, if set.
            null can be used to skip the setting for performance reasons and assume
            DBA has done his best job.
            String override can be used for some additional fun :-)
    DBDefaultGroup:
        default: null
        description: |-
            Default group to use when getting database connections.
            Will be used as default query group in ILoadBalancer::getConnection.
            @since 1.32
    SQLiteDataDir:
        default: ''
        description: 'To override default SQLite data directory ($docroot/../data)'
    SharedDB:
        default: null
        description: |-
            Shared database for multiple wikis. Commonly used for storing a user table
            for single sign-on. The server for this database must be the same as for the
            main database.
            For backwards compatibility the shared prefix is set to the same as the local
            prefix, and the user table is listed in the default list of shared tables.
            The user_properties table is also added so that users will continue to have their
            preferences shared (preferences were stored in the user table prior to 1.16)
            $wgSharedTables may be customized with a list of tables to share in the shared
            database. However it is advised to limit what tables you do share as many of
            MediaWiki's tables may have side effects if you try to share them.
            $wgSharedPrefix is the table prefix for the shared database. It defaults to
            $wgDBprefix.
            $wgSharedSchema is the table schema for the shared database. It defaults to
            $wgDBmwschema.
    SharedPrefix:
        default: false
        dynamicDefault:
            use: [DBprefix]
            callback: [MediaWiki\MainConfigSchema, getDefaultSharedPrefix]
        description: '@see self::SharedDB'
    SharedTables:
        default:
            - user
            - user_properties
            - user_autocreate_serial
        type: array
        description: |-
            @see self::SharedDB
            The installer will add 'actor' to this list for all new wikis.
    SharedSchema:
        default: false
        dynamicDefault:
            use: [DBmwschema]
            callback: [MediaWiki\MainConfigSchema, getDefaultSharedSchema]
        description: |-
            @see self::SharedDB
            @since 1.23
    DBservers:
        default: false
        type:
            - boolean
            - array
        description: |-
            Database load balancer
            This is a two-dimensional array, a list of server info structures
            Fields are:
              - host:        Host name
              - dbname:      Default database name
              - user:        DB user
              - password:    DB password
              - type:        DB type
              - driver:      DB driver (when there are multiple drivers)
              - load:        Ratio of DB_REPLICA load, must be >=0, the sum of all loads must be >0.
                             If this is zero for any given server, no normal query traffic will be
                             sent to it. It will be excluded from lag checks in maintenance scripts.
                             The only way it can receive traffic is if groupLoads is used.
              - groupLoads:  (optional) Array of load ratios, the key is the query group name. A query
                             may belong to several groups, the most specific group defined here is used.
              - flags:       (optional) Bit field of properties:
                             - DBO_DEFAULT:    Transactional-ize web requests and use autocommit otherwise
                             - DBO_DEBUG:      Equivalent of $wgDebugDumpSql
                             - DBO_SSL:        Use TLS connection encryption if available (deprecated)
                             - DBO_COMPRESS:   Use protocol compression with database connections
                             - DBO_PERSISTENT: Enables persistent database connections
              - ssl:         (optional) Boolean, whether to use TLS encryption. Overrides DBO_SSL.
              - max lag:     (optional) Maximum replication lag before a replica DB goes out of rotation
              - is static:   (optional) Set to true if the dataset is static and no replication is used.
              - cliMode:     (optional) Connection handles will not assume that requests are short-lived
                             nor that INSERT..SELECT can be rewritten into a buffered SELECT and INSERT.
                             This is what DBO_DEFAULT uses to determine when a web request is present.
                             [Default: true if MW_ENTRY_POINT is 'cli', otherwise false]
              These and any other user-defined properties will be assigned to the mLBInfo member
              variable of the Database object.
            Leave at false to use the single-server variables above. If you set this
            variable, the single-server variables will generally be ignored (except
            perhaps in some command-line scripts).
            The first server listed in this array (with key 0) will be the primary. The
            rest of the servers will be replica DBs. To prevent writes to your replica DBs due to
            accidental misconfiguration or MediaWiki bugs, set read_only=1 on all your
            replica DBs in my.cnf. You can set read_only mode at runtime using:
            ```
                SET @@read_only=1;
            ```
            Since the effect of writing to a replica DB is so damaging and difficult to clean
            up, we at Wikimedia set read_only=1 in my.cnf on all our DB servers, even
            our primaries, and then set read_only=0 on primaries at runtime.
    LBFactoryConf:
        default:
            class: Wikimedia\Rdbms\LBFactorySimple
        type: object
        mergeStrategy: replace
        description: |-
            Configuration for the ILBFactory service
            The "class" setting must point to a LBFactory subclass, which is also responsible
            for reading $wgDBservers, $wgDBserver, etc.
            To set up a wiki farm with multiple database clusters, set the "class" to
            LBFactoryMulti. See {@link Wikimedia::Rdbms::LBFactoryMulti LBFactoryMulti} docs for
            information on how to configure the rest of the $wgLBFactoryConf array.
    DataCenterUpdateStickTTL:
        default: 10
        description: |-
            After a state-changing request is done by a client, this determines
            how many seconds that client should keep using the primary datacenter.
            This avoids unexpected stale or 404 responses due to replication lag.
            This must be greater than or equal to
            Wikimedia\Rdbms\ChronologyProtector::POSITION_COOKIE_TTL.
            @since 1.27
    DBerrorLog:
        default: false
        description: 'File to log database errors to'
    DBerrorLogTZ:
        default: false
        dynamicDefault:
            use: [Localtimezone]
            callback: [MediaWiki\MainConfigSchema, getDefaultDBerrorLogTZ]
        description: |-
            Timezone to use in the error log.
            Defaults to the wiki timezone ($wgLocaltimezone).
            A list of usable timezones can found at:
            https://www.php.net/manual/en/timezones.php
            **Examples:**
            ```
            $wgDBerrorLogTZ = 'UTC';
            $wgDBerrorLogTZ = 'GMT';
            $wgDBerrorLogTZ = 'PST8PDT';
            $wgDBerrorLogTZ = 'Europe/Sweden';
            $wgDBerrorLogTZ = 'CET';
            ```
            @since 1.20
    LocalDatabases:
        default: []
        type: array
        items:
            type: string
        description: |-
            Other wikis on this site, can be administered from a single developer account.
            List of wiki DB domain IDs; the format of each ID consist of 1-3 hyphen
              delimited alphanumeric components (each with no hyphens nor spaces) of any of the forms:
              - "<DB NAME>-<DB SCHEMA>-<TABLE PREFIX>"
              - "<DB NAME>-<TABLE PREFIX>"
              - "<DB NAME>"
            If hyphens appear in any of the components, then the domain ID parsing may not work
            in all cases and site functionality might be affected. If the schema ($wgDBmwschema)
            is left to the default "mediawiki" for all wikis, then the schema should be omitted
            from these IDs.
    DatabaseReplicaLagWarning:
        default: 10
        description: |-
            If lag is higher than $wgDatabaseReplicaLagWarning, show a warning in some special
            pages (like watchlist). If the lag is higher than $wgDatabaseReplicaLagCritical,
            show a more obvious warning.
            @since 1.36
    DatabaseReplicaLagCritical:
        default: 30
        description: |-
            @see self::DatabaseReplicaLagWarning
            @since 1.36
    MaxExecutionTimeForExpensiveQueries:
        default: 0
        description: |-
            Max execution time for queries of several expensive special pages such as RecentChanges
            in milliseconds.
            @since 1.38
    VirtualDomainsMapping:
        default: {  }
        type: object
        description: |-
            Mapping of virtual domain to external cluster db.
            If no entry is set, the code assumes local database.
            For example, for routing queries of virtual domain 'vdomain'
            to 'wikishared' database in 'extension1' cluster. The config should be like this:
             [ 'vdomain' => [ 'cluster' => 'extension1', 'db' => 'wikishared' ] ]
            If the database needs to be the local domain, just set the 'db' to false.
            If you want to get another db in the main cluster, just omit 'cluster'. For example:
             [ 'centralauth' => [ 'db' => 'centralauth' ] ]
            @since 1.41
    PageLinksSchemaMigrationStage:
        default: 768
        type: integer
        description: |-
            Pagelinks table schema migration stage, for normalizing pl_namespace and pl_title fields.
            Use the SCHEMA_COMPAT_XXX flags. Supported values:
              - SCHEMA_COMPAT_WRITE_NEW | SCHEMA_COMPAT_READ_NEW (SCHEMA_COMPAT_NEW)
            History:
              - 1.41: Added
              - 1.43: Default has changed to SCHEMA_COMPAT_NEW.
    ExternalLinksDomainGaps:
        default: {  }
        type: object
        description: |-
            Gaps in the externallinks table for certain domains.
            If you have identified certain domains for which externallinks searches are slow,
            you can use this setting to make MediaWiki skip large el_id ranges,
            rather than having the database scan through them fruitlessly.
            Each key in the array is a domain name in el_to_domain_index form,
            e.g. 'https://com.example.'.
            The value is an array with integer keys and values,
            where each entry is a range (from => to, both inclusive)
            of el_id values where this domain is known to have no entries.
            (Subdomains are included, i.e., configuring an entry here guarantees to MediaWiki
            that there are no rows where the el_to_domain_index starts with this value.)
            History:
              - 1.41: Added
    ContentHandlers:
        default:
            wikitext: { class: MediaWiki\Content\WikitextContentHandler, services: [TitleFactory, ParserFactory, GlobalIdGenerator, LanguageNameUtils, LinkRenderer, MagicWordFactory, ParsoidParserFactory] }
            javascript: MediaWiki\Content\JavaScriptContentHandler
            json: MediaWiki\Content\JsonContentHandler
            css: MediaWiki\Content\CssContentHandler
            text: MediaWiki\Content\TextContentHandler
            unknown: MediaWiki\Content\FallbackContentHandler
        type: object
        description: |-
            Plugins for page content model handling.
            Each entry in the array maps a model id to an ObjectFactory specification
            that creates an instance of the appropriate ContentHandler subclass.
            @since 1.21
    NamespaceContentModels:
        default: {  }
        type: object
        description: |-
            Associative array mapping namespace IDs to the name of the content model pages in that
            namespace should have by default (use the CONTENT_MODEL_XXX constants). If no special
            content type is defined for a given namespace, pages in that namespace will use the
            CONTENT_MODEL_WIKITEXT
            (except for the special case of JS and CS pages).
            @note To determine the default model for a new page's main slot, or any slot in general,
            use SlotRoleHandler::getDefaultModel() together with SlotRoleRegistry::getRoleHandler().
            @since 1.21
    TextModelsToParse:
        default:
            - wikitext
            - javascript
            - css
        type: array
        description: |-
            Determines which types of text are parsed as wikitext. This does not imply that these kinds
            of texts are also rendered as wikitext, it only means that links, magic words, etc will have
            the effect on the database they would have on a wikitext page.
            Note that table of contents information will be *suppressed* for all
            text models in this list other than wikitext.
            @todo Make the ToC suppression configurable by the content model
            (T313455), not a side effect of inclusion here.
            @todo On the long run, it would be nice to put categories etc into a separate structure,
            or at least parse only the contents of comments in the scripts.
            @since 1.21
    CompressRevisions:
        default: false
        description: |-
            We can also compress text stored in the 'text' table. If this is set on, new
            revisions will be compressed on page save if zlib support is available. Any
            compressed revisions will be decompressed on load regardless of this setting,
            but will not be readable at all if zlib support is not available.
    ExternalStores:
        default: []
        type: array
        description: |-
            List of enabled ExternalStore protocols.
            @see \ExternalStoreAccess
            ```
            $wgExternalStores = [ "DB" ];
            ```
    ExternalServers:
        default: {  }
        type: object
        description: |-
            Shortcut for setting `$wgLBFactoryConf["externalClusters"]`.
            This is only applicable when using the default LBFactory
            of {@link Wikimedia::Rdbms::LBFactorySimple LBFactorySimple}.
            It is ignored if a different LBFactory is set, or if `externalClusters`
            is already set explicitly.
            @see \ExternalStoreAccess
            **Example:**
            Create a cluster named 'blobs_cluster1':
            ```
            $wgExternalServers = [
                'blobs_cluster1' => <array in the same format as $wgDBservers>
            ];
            ```
    DefaultExternalStore:
        default: false
        type:
            - array
            - boolean
        description: |-
            The place to put new text blobs or false to put them in the text table
            of the local wiki database.
            @see \ExternalStoreAccess
            **Example:**
            ```
            $wgDefaultExternalStore = [ 'DB://cluster1', 'DB://cluster2' ];
            ```
    RevisionCacheExpiry:
        default: 604800
        type: integer
        description: |-
            Revision text may be cached in the main WAN cache to reduce load on external
            storage servers and object extraction overhead for frequently-loaded revisions.
            Set to 0 to disable, or number of seconds before cache expiry.
    PageLanguageUseDB:
        default: false
        type: boolean
        description: |-
            Enable page language feature
            Allows setting page language in database
            @since 1.24
    DiffEngine:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Specify the difference engine to use.
            Supported values:
            - 'external': Use an external diff engine, which must be specified via $wgExternalDiffEngine
            - 'wikidiff2': Use the wikidiff2 PHP extension
            - 'php': PHP implementations included in MediaWiki
            The default (null) is to use the first engine that's available.
            @since 1.35
    ExternalDiffEngine:
        default: false
        type:
            - string
            - boolean
        description: 'Name of the external diff engine to use.'
    Wikidiff2Options:
        default: {  }
        type: object
        description: |-
            Options for wikidiff2:
              - useMultiFormat: (bool) Whether to use wikidiff2_multi_format_diff()
                if it is available. This temporarily defaults to false, during
                migration to the new code. It is available in wikidiff2 1.14.0+.
            The following options are only effective if wikidiff2_multi_format_diff()
            is enabled. See README.md in wikidiff2 for details:
              - numContextLines
              - changeThreshold
              - movedLineThreshold
              - maxMovedLines
              - maxWordLevelDiffComplexity
              - maxSplitSize
              - initialSplitThreshold
              - finalSplitThreshold
            Also:
              - formatOptions: An array of format-specific overrides. The key may
                be "inline" or "table" and the value is an array with keys
                numContextLines, changeThreshold, etc.
            @since 1.41
    RequestTimeLimit:
        default: null
        type:
            - integer
            - 'null'
        description: |-
            Set a limit on server request wall clock time.
            If the Excimer extension is enabled, setting this will cause an exception
            to be thrown after the specified number of seconds. If the extension is
            not available, set_time_limit() will be called instead.
            @since 1.36
    TransactionalTimeLimit:
        default: 120
        description: |-
            The request time limit for "slow" write requests that should not be
            interrupted due to the risk of data corruption.
            The limit will only be raised. If the pre-existing time limit is larger,
            then this will have no effect.
            @since 1.26
    CriticalSectionTimeLimit:
        default: 180.0
        type: number
        description: |-
            The maximum time critical sections are allowed to stay open. Critical
            sections are used to defer Excimer request timeouts. If Excimer is available
            and this time limit is exceeded, an exception will be thrown at the next
            opportunity, typically after a long-running function like a DB query returns.
            Critical sections may wrap long-running queries, and it's generally better
            for the timeout to be handled a few milliseconds later when the critical
            section exits, so this should be a large number.
            This limit is ignored in command-line mode.
            @since 1.36
    MiserMode:
        default: false
        description: 'Disable database-intensive features'
    DisableQueryPages:
        default: false
        description: 'Disable all query pages if miser mode is on, not just some'
    QueryCacheLimit:
        default: 1000
        description: 'Number of rows to cache in ''querycache'' table when miser mode is on'
    WantedPagesThreshold:
        default: 1
        description: 'Number of links to a page required before it is deemed "wanted"'
    AllowSlowParserFunctions:
        default: false
        description: 'Enable slow parser functions'
    AllowSchemaUpdates:
        default: true
        description: 'Allow schema updates'
    MaxArticleSize:
        default: 2048
        description: 'Maximum article size in kibibytes'
    MemoryLimit:
        default: 50M
        description: |-
            The minimum amount of memory that MediaWiki "needs"; MediaWiki will try to
            raise PHP's memory limit if it's below this amount.
    PoolCounterConf:
        default: null
        type:
            - object
            - 'null'
        description: |-
            Configuration for processing pool control, for use in high-traffic wikis.
            An implementation is provided in the PoolCounter extension.
            This configuration array maps pool types to an associative array. The only
            defined key in the associative array is "class", which gives the class name.
            The remaining elements are passed through to the class as constructor
            parameters.
            **Example using local redis instance:**
            ```
            $wgPoolCounterConf = [ 'ArticleView' => [
              'class' => PoolCounterRedis::class,
              'timeout' => 15, // wait timeout in seconds
              'workers' => 1, // maximum number of active threads in each pool
              'maxqueue' => 5, // maximum number of total threads in each pool
              'servers' => [ '127.0.0.1' ],
              'redisConfig' => []
            ] ];
            ```
            **Example using C daemon from <https://gerrit.wikimedia.org/g/mediawiki/services/poolcounter>**
            ```
            $wgPoolCountClientConf = [
              'servers' => [ '127.0.0.1' ],
              'timeout' => 0.5,
              'connect_timeout' => 0.01,
            ];
            $wgPoolCounterConf = [ 'ArticleView' => [
              'class' => 'PoolCounter_Client',
              'timeout' => 15, // wait timeout in seconds
              'workers' => 5, // maximum number of active threads in each pool
              'maxqueue' => 50, // maximum number of total threads in each pool
              ... any extension-specific options...
            ] ];
            ```
            @since 1.16
    PoolCountClientConf:
        default:
            servers: [127.0.0.1]
            timeout: 0.1
        type: object
        description: |-
            Configuration array for the PoolCounter client.
            - servers: Array of hostnames, or hostname:port. The default port is 7531.
            - timeout: Connection timeout.
            - connect_timeout: [Since 1.28] Alternative connection timeout. If set, it is used
              instead of `timeout` and will be retried once if a connection fails
              to be established. Background: https://phabricator.wikimedia.org/T105378.
            @see \MediaWiki\PoolCounter\PoolCounterClient
            @since 1.16
    MaxUserDBWriteDuration:
        default: false
        type:
            - integer
            - boolean
        description: |-
            Max time (in seconds) a user-generated transaction can spend in writes.
            If exceeded, the transaction is rolled back with an error instead of being committed.
            @since 1.27
    MaxJobDBWriteDuration:
        default: false
        type:
            - integer
            - boolean
        description: |-
            Max time (in seconds) a job-generated transaction can spend in writes.
            If exceeded, the transaction is rolled back with an error instead of being committed.
            @since 1.30
    LinkHolderBatchSize:
        default: 1000
        description: |-
            LinkHolderArray batch size
            For debugging
    MaximumMovedPages:
        default: 100
        description: 'Maximum number of pages to move at once when moving subpages with a page.'
    ForceDeferredUpdatesPreSend:
        default: false
        description: |-
            Force deferred updates to be run before sending a response to the client,
            instead of attempting to run them after sending the response. Setting this
            to true is useful for end-to-end testing, to ensure that the effects of a
            request are visible to any subsequent requests, even if they are made
            immediately after the first one. Note however that this does not ensure
            that database replication is complete, nor does it execute any jobs
            enqueued for later.
            There should be no reason to set this in a normal production environment.
            @since 1.38
    MultiShardSiteStats:
        default: false
        type: boolean
        description: |-
            Whether site_stats table should have multiple rows. If set to true, in each update,
            one of ten rows gets updated at random to reduce lock wait time in wikis
            that have lots of concurrent edits.
            It should be set to true in really large wikis with big flow of edits,
            Otherwise it can cause inaccuracy in data.
            @since 1.39
    CacheDirectory:
        default: false
        description: |-
            Directory for caching data in the local filesystem. Should not be accessible
            from the web.
            Note: if multiple wikis share the same localisation cache directory, they
            must all have the same set of extensions. You can set a directory just for
            the localisation cache using $wgLocalisationCacheConf['storeDirectory'].
    MainCacheType:
        default: 0
        description: |-
            Main cache type. This should be a cache with fast access, but it may have
            limited space. By default, it is disabled, since the stock database cache
            is not fast enough to make it worthwhile.
            The options are:
            - CACHE_ANYTHING:   Use anything, as long as it works
            - CACHE_NONE:       Do not cache
            - CACHE_DB:         Store cache objects in the DB
            - CACHE_MEMCACHED:  MemCached, must specify servers in $wgMemCachedServers
            - CACHE_ACCEL:      APC, APCU or WinCache
            - (other):          A string may be used which identifies a cache
                                configuration in $wgObjectCaches.
            For a multi-datacenter setup, the underlying service should be configured
            to broadcast operations by WANObjectCache using Mcrouter or Dynomite.
            See @ref wanobjectcache-deployment "Deploying WANObjectCache".
            To configure the `broadcastRoutingPrefix` WANObjectCache parameter,
            use $wgWANObjectCache.
            @see self::MessageCacheType
            @see self::ParserCacheType
    MessageCacheType:
        default: -1
        description: |-
            The cache type for storing the contents of the MediaWiki namespace. This
            cache is used for a small amount of data which is expensive to regenerate.
            For available types see $wgMainCacheType.
    ParserCacheType:
        default: -1
        description: |-
            The cache type for storing page content HTML (e.g. parsed from wikitext).
            Parsing wikitext is considered an expensive operation. It is recommended
            to give your parser cache plenty of storage space, such that long tail cache
            hits are possible.
            The default parser cache backend (when MainCacheType is left to CACHE_NONE)
            is effectively CACHE_DB (SqlBagOStuff). If you set up a main cache type
            such as memcached, it is recommended to set this explicitly to CACHE_DB.
            Advice for large wiki farms:
            - Consider allocating a dedicated database to ParserCache.
              Register it in $wgObjectCaches and point $wgParserCacheType to it.
            - Consider using MultiWriteBagOStuff to add a higher tier with Memcached
              in front of the lower database tier.
            - Consider setting `'purgePeriod' => 0` in the dedicated SqlBagOStuff
              entry in $wgObjectCaches. This disables the automatic purging of
              expired rows (which would normally happen in the background of
              write requests). You can then schedule the purgeParserCache.php script
              to e.g. once a day prune expired rows from the a dedicated maintenance
              server.
            For available types see $wgMainCacheType.
    SessionCacheType:
        default: -1
        description: |-
            The cache backend for storing session data.
            Used by MediaWiki\Session\SessionManager. See $wgMainCacheType for available types.
            See [SessionManager Storage expectations](@ref SessionManager-storage-expectations).
    LanguageConverterCacheType:
        default: -1
        description: |-
            The cache type for storing language conversion tables,
            which are used when parsing certain text and interface messages.
            For available types see $wgMainCacheType.
            @since 1.20
    ObjectCaches:
        default:
            0: { class: Wikimedia\ObjectCache\EmptyBagOStuff, reportDupes: false }
            1: { class: SqlBagOStuff, loggroup: SQLBagOStuff }
            memcached-php: { class: Wikimedia\ObjectCache\MemcachedPhpBagOStuff, loggroup: memcached }
            memcached-pecl: { class: Wikimedia\ObjectCache\MemcachedPeclBagOStuff, loggroup: memcached }
            hash: { class: Wikimedia\ObjectCache\HashBagOStuff, reportDupes: false }
            apc: { class: Wikimedia\ObjectCache\APCUBagOStuff, reportDupes: false }
            apcu: { class: Wikimedia\ObjectCache\APCUBagOStuff, reportDupes: false }
            wincache: { class: Wikimedia\ObjectCache\WinCacheBagOStuff, reportDupes: false }
        type: object
        description: |-
            Advanced object cache configuration.
            Use this to define the class names and constructor parameters which are used
            for the various cache types. Custom cache types may be defined here and
            referenced from $wgMainCacheType, $wgMessageCacheType, $wgParserCacheType,
            or $wgLanguageConverterCacheType.
            The format is an associative array where the key is a cache identifier, and
            the value is an associative array of parameters. One of the following
            parameters specifying the class must be given:
              - class: The class name which will be used.
              - factory: A callable function which will generate a suitable cache object.
            The following parameters are shared and understood by most classes:
              - loggroup: The log channel to use.
            For SqlBagOStuff, the main configured database will be used, unless one of the following
            three parameters is given:
              - server: Server config map for Database::factory() that describes the database to
                 use for all key operations in the current region. This is overridden by "servers".
              - servers: Map of tag strings to server config maps, each for Database::factory(),
                 describing the set of database servers on which to distribute key operations in the
                 current region. Data is distributed among the servers via key hashing based on the
                 server tags. Therefore, each tag represents a shard of the dataset. Tags are useful
                 for failover using cold-standby servers and for managing shards with replica servers
                 in multiple regions (each having different hostnames).
              - cluster: The ExternalStore cluster name to use.
            SqlBagOStuff also accepts the following optional parameters:
              - dbDomain: The database name to pass to the LoadBalancer.
              - multiPrimaryMode: Whether the portion of the dataset belonging to each tag/shard is
                 replicated among one or more regions, with one "co-primary" server in each region.
                 Queries are issued in a manner that provides Last-Write-Wins eventual consistency.
                 This option requires the "server" or "servers" options. Only MySQL, with statement
                 based replication (log_bin='ON' and binlog_format='STATEMENT') is supported. Also,
                 the `modtoken` column must exist on the `objectcache` table(s).
              - purgePeriod: The average number of object cache writes in between garbage collection
                 operations, where expired entries are removed from the database. Or in other words,
                 the probability of performing a purge is one in every this number. If set to zero,
                 purging will never be done at runtime (for use with PurgeParserCache).
              - purgeLimit: Maximum number of rows to purge at once.
              - tableName: The table name to use, default is "objectcache".
              - shards: The number of tables to use for data storage on each server. If greater than
                 1, table names are formed in the style objectcacheNNN where NNN is the shard index,
                 between 0 and shards-1. The number of digits used in the suffix is the minimum number
                 required to hold the largest shard index. Data is distributed among the tables via
                 key hashing. This helps mitigate MySQL bugs 61735 and 61736.
              - replicaOnly: Whether to only use replica servers and only support read operations.
                 This option requires the use of LoadBalancer and should only be used by
                 ReplicatedBagOStuff.
              - writeBatchSize: Default maximum number of rows to change in each query for write
                 operations that can be chunked into a set of smaller writes.
            For MemcachedPhpBagOStuff parameters see {@link MemcachedPhpBagOStuff::__construct}
            For MemcachedPeclBagOStuff parameters see {@link MemcachedPeclBagOStuff::__construct}
            For RedisBagOStuff parameters see {@link Wikimedia\ObjectCache\RedisBagOStuff::__construct}
    WANObjectCache:
        default: {  }
        type: object
        description: |-
            Extra parameters to the WANObjectCache constructor.
            See @ref wanobjectcache-deployment "Deploying WANObjectCache".
            @since 1.40
    MicroStashType:
        default: -1
        type:
            - string
            - integer
        description: |-
            The stash store backend for MicroStash.
            This store should be optimized for ephemeral data, and should be able to handle
            a high volume of writes and reads. The dataset access scope should be across
            all servers that serve the application.
            Note that the TTL of the data written to the store must be respected completely
            before the data gets evicted from the store (whether the data is used or not).
            Thus, the store should not evict data before the TTL expires.
            Properties of the backend should be:
            1.) the data written to the store should be short-lived,
            2.) it should be evicted ONLY after the TTL elapses (reliably persist),
            3.) should be accessed by all servers that serve the application,
            4.) should be able to handle a high volume of writes and reads.
            @see \Wikimedia\ObjectCache\BagOStuff
            @since 1.42
    MainStash:
        default: 1
        description: |-
            The object store type of the main stash.
            This should be a fast storage system optimized for lightweight data, both ephemeral and
            permanent, for things like counters, tokens, and blobs. The dataset access scope should
            include all the application servers in all datacenters. Thus, the data must be replicated
            among all datacenters. The store should have "Last Write Wins" eventual consistency. Per
            https://en.wikipedia.org/wiki/PACELC_theorem, the store should act as a PA/EL distributed
            system for these operations.
            The multi-datacenter strategy for MediaWiki is to have CDN route HTTP POST requests to the
            primary datacenter and HTTP GET/HEAD/OPTIONS requests to the closest datacenter to the
            client. The stash accepts write operations from any datacenter, but cross-datacenter
            replication is asynchronous.
            Modules that use the main stash can expect race conditions to occur if a key can receive
            write operations originating from multiple datacenters. To improve consistency, callers
            should avoid main stash updates during non-POST requests. In any case, callers should
            gracefully tolerate occasional key evictions, temporary inconsistencies among datacenters,
            and violations of linearizability (e.g. during timeouts). Modules that can never handle
            these kinds of anomalies should use other storage mediums.
            Valid options are the keys of {@link $wgObjectCaches}, e.g. CACHE_* constants.
            @see \Wikimedia\ObjectCache\BagOStuff
            @since 1.26
    ParsoidCacheConfig:
        type: object
        properties:
            StashType: { type: [integer, string, 'null'], default: null }
            StashDuration: { type: integer, default: 86400 }
            WarmParsoidParserCache: { type: boolean, default: false }
        description: |-
            Configuration for the caching related to parsoid output. The configuration contains the
            following keys:
            - StashType: The type of object store to be used by the ParsoidOutputStash service,
                  which stores the base state of HTML based edits.
                  Valid options are the keys of {@link $wgObjectCaches}, e.g. CACHE_* constants.
                  By default, the value of the MainStash setting will be used.
                  This should be an object store that provides fairly solid persistence guarantees,
                  since losing an entry from the stash may mean that the user can't save their edit.
                  If null, the value of the MainStash configuration setting will be used.
            - StashDuration: The number of seconds for which an entry in the stash should be kept.
                  Should be long enough for users to finish editing,
                  since losing an entry from the stash may mean that the user can't save their edit.
                  This is set to one day by default.
            - WarmParsoidParserCache: Setting this to true will pre-populate the parsoid parser cache
                  with parsoid outputs on page edits. This speeds up loading HTML into Visual Editor.
            @since 1.39
            @unstable Per MediaWiki 1.39, the structure of this configuration is still subject to
                      change.
        default: null
    ParserCacheFilterConfig:
        type: object
        default:
            pcache: { default: { minCpuTime: 0 } }
            parsoid-pcache: { default: { minCpuTime: 0 } }
        additionalProperties:
            type: object
            description: 'A map of namespace IDs to filter definitions.'
            additionalProperties: { type: object, description: 'A map of filter names to values.', properties: { minCpuTime: { type: number } } }
        description: |-
            Per-namespace configuration for the ParserCache filter.
            There is one top level key for each cache name supported in ParserCacheFactory.
            The per-namespace configuration is given separately for each cache.
            For each namespace, this defines a set of filter options, which are represented
            as an associative array. The following keys are supported in this array:
            - minCpuTime: causes the parser cache to not save any output that took fewer
              than the given number of seconds of CPU time to generate, according to
              ParserOutput::getTimeProfile(). Set to 0 to always cache, or to
              PHP_INT_MAX to disable caching for this namespace.
            If no filter options are defined for a given namespace, the filter options
            under the "default" key will be used for pages in that namespace.
            @since 1.42
    ChronologyProtectorStash:
        default: null
        type:
            - string
            - 'null'
        description: |-
            The object store type for the
            {@link Wikimedia::Rdbms::ChronologyProtector ChronologyProtector} store.
            This should be a fast storage system optimized for lightweight ephemeral data.
            Data stored should be readable by all application servers in the local datacenter.
            See [ChronologyProtector requirements](@ref ChronologyProtector-storage-requirements)
            for more detailed system administrator requirements (especially for multi-dc operations).
            Valid options are the keys of {@link $wgObjectCaches}, e.g. CACHE_* constants.
            Defaults to {@link $wgMainCacheType} (in ServiceWiring.php).
            @since 1.36
    ChronologyProtectorSecret:
        default: ''
        type: string
        description: |-
            Secret string for HMAC hashing in ChronologyProtector [optional]
            @since 1.41
    ParserCacheExpireTime:
        default: 86400
        description: |-
            The expiry time for the parser cache, in seconds.
            The default is 86400 (one day).
    OldRevisionParserCacheExpireTime:
        default: 3600
        description: |-
            The expiry time for the parser cache for old revisions, in seconds.
            The default is 3600 (cache disabled).
    ObjectCacheSessionExpiry:
        default: 3600
        description: 'The expiry time to use for session storage, in seconds.'
    PHPSessionHandling:
        default: enable
        type: string
        description: |-
            Whether to use PHP session handling ($_SESSION and session_*() functions)
            If the constant MW_NO_SESSION is defined, this is forced to 'disable'.
            If the constant MW_NO_SESSION_HANDLER is defined, this is ignored and PHP
            session handling will function independently of SessionHandler.
            SessionHandler and PHP's session handling may attempt to override each
            others' cookies.
            @since 1.27
    SuspiciousIpExpiry:
        default: false
        type:
            - integer
            - boolean
        description: |-
            Time in seconds to remember IPs for, for the purposes of logging IP changes within the
            same session. This is meant more for debugging errors in the authentication system than
            for detecting abuse.
            @since 1.36
    SessionPbkdf2Iterations:
        default: 10001
        description: |-
            Number of internal PBKDF2 iterations to use when deriving session secrets.
            @since 1.28
    MemCachedServers:
        default:
            - '127.0.0.1:11211'
        type: array
        description: 'The list of MemCached servers and port numbers'
    MemCachedPersistent:
        default: false
        description: |-
            Use persistent connections to MemCached, which are shared across multiple
            requests.
    MemCachedTimeout:
        default: 500000
        description: 'Read/write timeout for MemCached server communication, in microseconds.'
    UseLocalMessageCache:
        default: false
        description: |-
            Set this to true to maintain a copy of the message cache on the local server.
            This layer of message cache is in addition to the one configured by $wgMessageCacheType.
            The local copy is put in APC. If APC is not installed, this setting does nothing.
            Note that this is about the message cache, which stores interface messages
            maintained as wiki pages. This is separate from the localisation cache for interface
            messages provided by the software, which is configured by $wgLocalisationCacheConf.
    AdaptiveMessageCache:
        default: false
        description: |-
            Instead of caching everything, only cache those messages which have
            been customised in the site content language. This means that
            MediaWiki:Foo/ja is ignored if MediaWiki:Foo doesn't exist.
            This option is probably only useful for translatewiki.net.
    LocalisationCacheConf:
        properties:
            class: { type: string, default: LocalisationCache }
            store: { type: string, default: detect }
            storeClass: { type: [boolean, string], default: false }
            storeDirectory: { type: [boolean, string], default: false }
            storeServer: { type: object, default: [] }
            forceRecache: { type: boolean, default: false }
            manualRecache: { type: boolean, default: false }
        type: object
        description: |-
            Localisation cache configuration.
            Used by service wiring to decide how to construct the
            LocalisationCache instance. Associative array with keys:
            class:       The class to use for constructing the LocalisationCache object.
                         This may be overridden by extensions to a subclass of LocalisationCache.
                         Sub classes are expected to still honor the 'storeClass', 'storeDirectory'
                         and 'manualRecache' options where applicable.
            storeClass:  Which LCStore class implementation to use. This is optional.
                         The default LocalisationCache class offers the 'store' option
                         as abstraction for this.
            store:       How and where to store localisation cache data.
                         This option is ignored if 'storeClass' is explicitly set to a class name.
                         Must be one of:
                         - 'detect' (default): Automatically select 'files' if 'storeDirectory'
                            or $wgCacheDirectory is set, and fall back to 'db' otherwise.
                         - 'files': Store in $wgCacheDirectory as CDB files.
                         - 'array': Store in $wgCacheDirectory as PHP static array files.
                         - 'db': Store in the l10n_cache database table.
            storeDirectory: If the selected LCStore class puts its data in files, then it
                            will use this directory. If set to false (default), then
                            $wgCacheDirectory is used instead.
            manualRecache: Set this to true to disable cache updates on web requests.
                           Use maintenance/rebuildLocalisationCache.php instead.
        default: null
    CachePages:
        default: true
        description: 'Allow client-side caching of pages'
    CacheEpoch:
        default: '20030516000000'
        description: |-
            Set this to current time to invalidate all prior cached pages. Affects both
            client-side and server-side caching.
            You can get the current date on your server by using the command:
            @verbatim date +%Y%m%d%H%M%S
            @endverbatim
    GitInfoCacheDirectory:
        default: false
        description: |-
            Directory where GitInfo will look for pre-computed cache files. If false,
            $wgCacheDirectory/gitinfo will be used.
    UseFileCache:
        default: false
        description: |-
            This will cache static pages for non-logged-in users to reduce
            database traffic on public sites. ResourceLoader requests to default
            language and skins are cached as well as single module requests.
    FileCacheDepth:
        default: 2
        description: |-
            Depth of the subdirectory hierarchy to be created under
            $wgFileCacheDirectory.  The subdirectories will be named based on
            the MD5 hash of the title.  A value of 0 means all cache files will
            be put directly into the main file cache directory.
    RenderHashAppend:
        default: ''
        description: |-
            Append a configured value to the parser cache and the sitenotice key so
            that they can be kept separate for some class of activity.
    EnableSidebarCache:
        default: false
        description: |-
            If on, the sidebar navigation links are cached for users with the
            current language set. This can save a touch of load on a busy site
            by shaving off extra message lookups.
            However it is also fragile: changing the site configuration, or
            having a variable $wgArticlePath, can produce broken links that
            don't update as expected.
    SidebarCacheExpiry:
        default: 86400
        description: 'Expiry time for the sidebar cache, in seconds'
    UseGzip:
        default: false
        description: |-
            When using the file cache, we can store the cached HTML gzipped to save disk
            space. Pages will then also be served compressed to clients that support it.
            Requires zlib support enabled in PHP.
    InvalidateCacheOnLocalSettingsChange:
        default: true
        description: |-
            Invalidate various caches when LocalSettings.php changes. This is equivalent
            to setting $wgCacheEpoch to the modification time of LocalSettings.php, as
            was previously done in the default LocalSettings.php file.
            On high-traffic wikis, this should be set to false, to avoid the need to
            check the file modification time, and to avoid the performance impact of
            unnecessary cache invalidations.
    ExtensionInfoMTime:
        default: false
        type:
            - integer
            - boolean
        description: |-
            When loading extensions through the extension registration system, this
            can be used to invalidate the cache. A good idea would be to set this to
            one file, you can just `touch` that one to invalidate the cache
            **Example:**
            ```
            $wgExtensionInfoMTime = filemtime( "$IP/LocalSettings.php" );
            ```
            If set to false, the mtime for each individual JSON file will be checked,
            which can be slow if a large number of extensions are being loaded.
    EnableRemoteBagOStuffTests:
        default: false
        description: |-
            If this is set to true, phpunit will run integration tests against remote
            caches defined in $wgObjectCaches.
            @since 1.38
    UseCdn:
        default: false
        description: |-
            Enable/disable CDN.
            See https://www.mediawiki.org/wiki/Manual:Performance_tuning#Page_view_caching
            @since 1.34 Renamed from $wgUseSquid.
    VaryOnXFP:
        default: false
        description: |-
            Add X-Forwarded-Proto to the Vary and Key headers for API requests and
            RSS/Atom feeds. Use this if you have an SSL termination setup
            and need to split the cache between HTTP and HTTPS for API requests,
            feed requests and HTTP redirect responses in order to prevent cache
            pollution. This does not affect 'normal' requests to index.php other than
            HTTP redirects.
    InternalServer:
        default: false
        description: |-
            Internal server name as known to CDN, if different.
            **Example:**
            ```
            $wgInternalServer = 'http://yourinternal.tld:8000';
            ```
    CdnMaxAge:
        default: 18000
        description: |-
            Cache TTL for the CDN sent as s-maxage (without ESI) or
            Surrogate-Control (with ESI). Without ESI, you should strip
            out s-maxage in the CDN config.
            18000 seconds = 5 hours, more cache hits with 2678400 = 31 days.
            @since 1.34 Renamed from $wgSquidMaxage
    CdnMaxageLagged:
        default: 30
        description: |-
            Cache timeout for the CDN when DB replica DB lag is high
            @see self::CdnMaxAge
            @since 1.27
    CdnMaxageStale:
        default: 10
        description: |-
            Cache timeout when delivering a stale ParserCache response due to PoolCounter
            contention.
            @since 1.35
    CdnReboundPurgeDelay:
        default: 0
        description: |-
            If set, any SquidPurge call on a URL or URLs will send a second purge no less than
            this many seconds later via the job queue. This requires delayed job support.
            This should be safely higher than the 'max lag' value in $wgLBFactoryConf, so that
            replica DB lag does not cause page to be stuck in stales states in CDN.
            This also fixes race conditions in two-tiered CDN setups (e.g. cdn2 => cdn1 => MediaWiki).
            If a purge for a URL reaches cdn2 before cdn1 and a request reaches cdn2 for that URL,
            it will populate the response from the stale cdn1 value. When cdn1 gets the purge, cdn2
            will still be stale. If the rebound purge delay is safely higher than the time to relay
            a purge to all nodes, then the rebound purge will clear cdn2 after cdn1 was cleared.
            @since 1.27
    CdnMaxageSubstitute:
        default: 60
        description: |-
            Cache timeout for the CDN when a response is known to be wrong or incomplete (due to load)
            @see self::CdnMaxAge
            @since 1.27
    ForcedRawSMaxage:
        default: 300
        description: |-
            Default maximum age for raw CSS/JS accesses
            300 seconds = 5 minutes.
    CdnServers:
        default: {  }
        type: object
        description: |-
            List of proxy servers to purge on changes; default port is 80. Use IP addresses.
            When MediaWiki is running behind a proxy, it will trust X-Forwarded-For
            headers sent/modified from these proxies when obtaining the remote IP address
            For a list of trusted servers which *aren't* purged, see $wgSquidServersNoPurge.
            @since 1.34 Renamed from $wgSquidServers.
    CdnServersNoPurge:
        default: {  }
        type: object
        description: |-
            As with $wgCdnServers, except these servers aren't purged on page changes;
            use to set a list of trusted proxies, etc. Supports both individual IP
            addresses and CIDR blocks.
            @since 1.23 Supports CIDR ranges
            @since 1.34 Renamed from $wgSquidServersNoPurge
    HTCPRouting:
        default: {  }
        type: object
        description: |-
            Routing configuration for HTCP multicast purging. Add elements here to
            enable HTCP and determine which purges are sent where. If set to an empty
            array, HTCP is disabled.
            Each key in this array is a regular expression to match against the purged
            URL, or an empty string to match all URLs. The purged URL is matched against
            the regexes in the order specified, and the first rule whose regex matches
            is used, all remaining rules will thus be ignored.
            **Example configuration to send purges for upload.wikimedia.org to one**
            multicast group and all other purges to another:
            ```
            $wgHTCPRouting = [
                    '|^https?://upload\.wikimedia\.org|' => [
                            'host' => '239.128.0.113',
                            'port' => 4827,
                    ],
                    '' => [
                            'host' => '239.128.0.112',
                            'port' => 4827,
                    ],
            ];
            ```
            You can also pass an array of hosts to send purges too. This is useful when
            you have several multicast groups or unicast address that should receive a
            given purge.  Multiple hosts support was introduced in MediaWiki 1.22.
            **Example of sending purges to multiple hosts:**
            ```
            $wgHTCPRouting = [
                '' => [
                    // Purges to text caches using multicast
                    [ 'host' => '239.128.0.114', 'port' => '4827' ],
                    // Purges to a hardcoded list of caches
                    [ 'host' => '10.88.66.1', 'port' => '4827' ],
                    [ 'host' => '10.88.66.2', 'port' => '4827' ],
                    [ 'host' => '10.88.66.3', 'port' => '4827' ],
                ],
            ];
            ```
            @since 1.22
            @see self::HTCPMulticastTTL
    HTCPMulticastTTL:
        default: 1
        description: |-
            HTCP multicast TTL.
            @see self::HTCPRouting
    UsePrivateIPs:
        default: false
        description: 'Should forwarded Private IPs be accepted?'
    CdnMatchParameterOrder:
        default: true
        description: |-
            Set this to false if MediaWiki is behind a CDN that re-orders query
            parameters on incoming requests.
            MediaWiki sets a large 'Cache-Control: s-maxage=' directive on page
            views only if the request URL matches one of the normal CDN URL forms.
            When 'CdnMatchParameterOrder' is false, the matching algorithm ignores
            the order of URL parameters.
            @since 1.39
    LanguageCode:
        default: en
        description: |-
            Site language code. See includes/languages/data/Names.php for languages
            supported by MediaWiki out of the box. Not all languages listed there have
            translations, see languages/messages/ for the list of languages with some
            localisation.
            Warning: Don't use any of MediaWiki's deprecated language codes listed in
            LanguageCode::getDeprecatedCodeMapping or $wgDummyLanguageCodes, like "no"
            for Norwegian (use "nb" instead). If you do, things will break unexpectedly.
            This defines the default interface language for all users, but users can
            change it in their preferences.
            This also defines the language of pages in the wiki. The content is wrapped
            in a html element with lang=XX attribute. This behavior can be overridden
            via hooks, see Title::getPageLanguage.
    GrammarForms:
        default: {  }
        type: object
        description: |-
            Some languages need different word forms, usually for different cases.
            Used in Language::convertGrammar().
            **Example:**
            ```
            $wgGrammarForms['en']['genitive']['car'] = 'car\'s';
            ```
    InterwikiMagic:
        default: true
        description: 'Treat language links as magic connectors, not inline links'
    HideInterlanguageLinks:
        default: false
        description: 'Hide interlanguage links from the sidebar'
    ExtraInterlanguageLinkPrefixes:
        default: []
        type: array
        description: |-
            List of additional interwiki prefixes that should be treated as
            interlanguage links (i.e. placed in the sidebar).
            Notes:
            - This will not do anything unless the prefixes are defined in the interwiki
              map.
            - The display text for these custom interlanguage links will be fetched from
              the system message "interlanguage-link-xyz" where xyz is the prefix in
              this array.
            - A friendly name for each site, used for tooltip text, may optionally be
              placed in the system message "interlanguage-link-sitename-xyz" where xyz is
              the prefix in this array.
            - This should be a list of "interwiki prefixes" (ie, what appears in
              wikitext), and you probably want to add an entry to
              InterlanguageLinkCodeMap as well to specify which mediawiki internal
              (or custom) language code this prefix corresponds to, and perhaps
              then map that custom language code to a language name in
              ExtraLanguageNames.
    InterlanguageLinkCodeMap:
        default: {  }
        type: object
        description: |-
            Map of interlanguage link codes to language codes. This is useful to override
            what is shown as the language name when the interwiki code does not match it
            exactly
            @since 1.35
    ExtraLanguageNames:
        default: {  }
        type: object
        description: 'List of language names or overrides for default names in Names.php'
    ExtraLanguageCodes:
        default:
            bh: bho
            'no': nb
            simple: en
        type: object
        description: |-
            List of mappings from one language code to another.
            This array makes the codes not appear as a selectable language on the
            installer.
            In Setup.php, the variable $wgDummyLanguageCodes is created by combining
            these codes with a list of "deprecated" codes, which are mostly leftovers
            from renames or other legacy things, and the internal codes 'qqq' and 'qqx'.
            If a mapping in $wgExtraLanguageCodes collide with a built-in mapping, the
            value in $wgExtraLanguageCodes will be used.
            @since 1.29
    DummyLanguageCodes:
        default: {  }
        type: object
        description: |-
            Functionally the same as $wgExtraLanguageCodes, but deprecated. Instead of
            appending values to this array, append them to $wgExtraLanguageCodes.
            @note Since 1.29, this should not be set directly in LocalSettings,
                  ExtraLanguageCodes should be set instead. However, DummyLanguageCodes
                  will be initialized and can be read internally.
    AllUnicodeFixes:
        default: false
        description: |-
            Set this to always convert certain Unicode sequences to modern ones
            regardless of the content language. This has a small performance
            impact.
            @since 1.17
    LegacyEncoding:
        default: false
        description: |-
            Set this to eg 'ISO-8859-1' to perform character set conversion when
            loading old revisions not marked with "utf-8" flag. Use this when
            converting a wiki from MediaWiki 1.4 or earlier to UTF-8 without the
            burdensome mass conversion of old text data.
            @note This DOES NOT touch any fields other than old_text. Titles, comments,
            user names, etc still must be converted en masse in the database before
            continuing as a UTF-8 wiki.
    AmericanDates:
        default: false
        description: |-
            Enable dates like 'May 12' instead of '12 May', if the default date format
            is 'dmy or mdy'.
    TranslateNumerals:
        default: true
        description: |-
            For Hindi and Arabic use local numerals instead of Western style (0-9)
            numerals in interface.
    UseDatabaseMessages:
        default: true
        description: |-
            Translation using MediaWiki: namespace.
            Interface messages will be loaded from the database.
    MaxMsgCacheEntrySize:
        default: 10000
        description: 'Maximum entry size in the message cache, in bytes'
    DisableLangConversion:
        default: false
        description: 'Whether to enable language variant conversion.'
    DisableTitleConversion:
        default: false
        description: |-
            Whether to enable language variant conversion for links.
            Note that this option is slightly misnamed.
    DefaultLanguageVariant:
        default: false
        description: |-
            Default variant code. If false, the default will be the static default
            variant of the language.
    UsePigLatinVariant:
        default: false
        description: |-
            Whether to enable the pig Latin variant of English (en-x-piglatin),
            used to ease variant development work.
    DisabledVariants:
        default: {  }
        type: object
        description: |-
            Disabled variants array of language variant conversion.
            **Example:**
            ```
            $wgDisabledVariants[] = 'zh-mo';
            $wgDisabledVariants[] = 'zh-my';
            ```
    VariantArticlePath:
        default: false
        description: |-
            Like $wgArticlePath, but on multi-variant wikis, this provides a
            path format that describes which parts of the URL contain the
            language variant.
            **Example:**
            ```
            $wgLanguageCode = 'sr';
            $wgVariantArticlePath = '/$2/$1';
            $wgArticlePath = '/wiki/$1';
            ```
            A link to /wiki/ would be redirected to /sr/Главна_страна
            It is important that $wgArticlePath not overlap with possible values
            of $wgVariantArticlePath.
    UseXssLanguage:
        default: false
        description: |-
            Whether to enable the 'x-xss' language code, used for development.
            When enabled, the language code 'x-xss' (e.g. via ?uselang=x-xss) can
            be used to test correct message escaping at scale, to prevent
            cross-site scripting. In this "language", every message becomes an HTML
            snippet which attempts to alert the message key. Well-written code will
            correctly escape all of these messages. If any alerts are actually
            fired in the browser, the message is not being escaped correctly;
            either the offending code should be fixed, or the message should be
            added to {@link self::RawHtmlMessages}.
            @see https://www.mediawiki.org/wiki/Special:MyLanguage/Cross-site_scripting
            @since 1.41
    LoginLanguageSelector:
        default: false
        description: |-
            Show a bar of language selection links in the user login and user
            registration forms; edit the "loginlanguagelinks" message to
            customise these.
    ForceUIMsgAsContentMsg:
        default: {  }
        type: object
        description: |-
            When translating messages with wfMessage(), it is not always clear what
            should be considered UI messages and what should be content messages.
            For example, for the English Wikipedia, there should be only one 'mainpage',
            so when getting the link for 'mainpage', we should treat it as site content
            and call ->inContentLanguage()->text(), but for rendering the text of the
            link, we call ->text(). The code behaves this way by default. However,
            sites like the Wikimedia Commons do offer different versions of 'mainpage'
            and the like for different languages. This array provides a way to override
            the default behavior.
            **Example:**
            To allow language-specific main page and community
            portal:
            ```
            $wgForceUIMsgAsContentMsg = [ 'mainpage', 'portal-url' ];
            ```
    RawHtmlMessages:
        default:
            - copyright
            - history_copyright
            - googlesearch
        type: array
        items:
            type: string
        description: |-
            List of messages which might contain raw HTML.
            Extensions should add their insecure raw HTML messages to extension.json.
            The list is used for access control:
            changing messages listed here will require editsitecss and editsitejs rights.
            Message names must be given with underscores rather than spaces and with lowercase first
            letter.
            @since 1.32
    Localtimezone:
        dynamicDefault:
            callback: [MediaWiki\MainConfigSchema, getDefaultLocaltimezone]
        description: |-
            Fake out the timezone that the server thinks it's in. This will be used for
            date display and not for what's stored in the DB. Leave to null to retain
            your server's OS-based timezone value.
            This variable is currently used only for signature formatting and for local
            time/date parser variables ({{LOCALTIME}} etc.)
            Timezones can be translated by editing MediaWiki messages of type
            timezone-nameinlowercase like timezone-utc.
            A list of usable timezones can found at:
            https://www.php.net/manual/en/timezones.php
            **Examples:**
            ```
            $wgLocaltimezone = 'UTC';
            $wgLocaltimezone = 'GMT';
            $wgLocaltimezone = 'PST8PDT';
            $wgLocaltimezone = 'Europe/Sweden';
            $wgLocaltimezone = 'CET';
            ```
        default: null
    LocalTZoffset:
        dynamicDefault:
            use: [Localtimezone]
            callback: [MediaWiki\MainConfigSchema, getDefaultLocalTZoffset]
        description: |-
            Set an offset from UTC in minutes to use for the default timezone setting
            for anonymous users and new user accounts.
            This setting is used for most date/time displays in the software, and is
            overridable in user preferences. It is *not* used for signature timestamps.
            By default, this will be set to match $wgLocaltimezone.
        default: null
    OverrideUcfirstCharacters:
        default: {  }
        type: object
        description: |-
            Map of Unicode characters for which capitalization is overridden in
            Language::ucfirst. The characters should be
            represented as char_to_convert => conversion_override. See T219279 for details
            on why this is useful during php version transitions.
            @since 1.34
    MimeType:
        default: text/html
        description: 'The default Content-Type header.'
    Html5Version:
        default: null
        description: |-
            Defines the value of the version attribute in the &lt;html&gt; tag, if any.
            If your wiki uses RDFa, set it to the correct value for RDFa+HTML5.
            Correct current values are 'HTML+RDFa 1.0' or 'XHTML+RDFa 1.0'.
            See also https://www.w3.org/TR/rdfa-in-html/#document-conformance
            @since 1.16
    EditSubmitButtonLabelPublish:
        default: false
        description: |-
            Whether to label the store-to-database-and-show-to-others button in the editor
            as "Save page"/"Save changes" if false (the default) or, if true, instead as
            "Publish page"/"Publish changes".
            @since 1.28
    XhtmlNamespaces:
        default: {  }
        type: object
        description: |-
            Permit other namespaces in addition to the w3.org default.
            Use the prefix for the key and the namespace for the value.
            **Example:**
            ```
            $wgXhtmlNamespaces['svg'] = 'http://www.w3.org/2000/svg';
            ```
            Normally we wouldn't have to define this in the root "<html>"
            element, but IE needs it there in some circumstances.
            This is ignored if $wgMimeType is set to a non-XML MIME type.
    SiteNotice:
        default: ''
        description: |-
            Site notice shown at the top of each page
            MediaWiki:Sitenotice page, which will override this. You can also
            provide a separate message for logged-out users using the
            MediaWiki:Anonnotice page.
    BrowserFormatDetection:
        default: telephone=no
        type: string
        description: |-
            Override the ability of certain browsers to attempt to autodetect dataformats in pages.
            This is a default feature of many mobile browsers, but can have a lot of false positives,
            where for instance, year ranges are confused with phone numbers.
            The default of this setting is to disable telephone number data detection.
            Set BrowserFormatDetection to false to fallback to the browser defaults.
            @since 1.37
            @see https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariHTMLRef/Articles/MetaTags.html
    SkinMetaTags:
        default: {  }
        type: object
        description: |-
            An array of open graph tags which should be added by all skins.
            Accepted values are "og:site_name", "og:title", "og:type" and "twitter:card".
            Since some of these fields can be provided by extensions it defaults to an empty array.
            @since 1.36
    DefaultSkin:
        default: vector-2022
        description: |-
            Default skin, for new users and anonymous visitors. Registered users may
            change this to any one of the other available skins in their preferences.
    FallbackSkin:
        default: fallback
        description: |-
            Fallback skin used when the skin defined by $wgDefaultSkin can't be found.
            @since 1.24
    SkipSkins:
        default: {  }
        type: object
        description: |-
            Specify the names of skins that should not be presented in the list of
            available skins in user preferences.
            NOTE: This does not uninstall the skin, and it will still be accessible
            via the `useskin` query parameter. To uninstall a skin, remove its inclusion
            from LocalSettings.php.
            @see \SkinFactory::getAllowedSkins
    DisableOutputCompression:
        default: false
        description: 'Disable output compression (enabled by default if zlib is available)'
    FragmentMode:
        default:
            - html5
            - legacy
        type: array
        description: |-
            How should section IDs be encoded?
            This array can contain 1 or 2 elements, each of them can be one of:
            - 'html5'  is modern HTML5 style encoding with minimal escaping. Displays Unicode
                       characters in most browsers' address bars.
            - 'legacy' is old MediaWiki-style encoding, e.g. 啤酒 turns into .E5.95.A4.E9.85.92
            The first element of this array specifies the primary mode of escaping IDs. This
            is what users will see when they e.g. follow an [[#internal link]] to a section of
            a page.
            The optional second element defines a fallback mode, useful for migrations.
            If present, it will direct MediaWiki to add empty <span>s to every section with its
            id attribute set to fallback encoded title so that links using the previous encoding
            would still work.
            Example: you want to migrate your wiki from 'legacy' to 'html5'
            On the first step, set this variable to [ 'legacy', 'html5' ]. After a while, when
            all caches (parser, HTTP, etc.) contain only pages generated with this setting,
            flip the value to [ 'html5', 'legacy' ]. This will result in all internal links being
            generated in the new encoding while old links (both external and cached internal) will
            still work. After a long time, you might want to ditch backwards compatibility and
            set it to [ 'html5' ]. After all, pages get edited, breaking incoming links no matter which
            fragment mode is used.
            @since 1.30
    ExternalInterwikiFragmentMode:
        default: legacy
        description: |-
            Which ID escaping mode should be used for external interwiki links? See documentation
            for $wgFragmentMode above for details of each mode. Because you can't control external sites,
            this setting should probably always be 'legacy', unless every wiki you link to has converted
            to 'html5'.
            @since 1.30
    FooterIcons:
        default:
            copyright: { copyright: [] }
            poweredby: { mediawiki: { src: null, url: 'https://www.mediawiki.org/', alt: 'Powered by MediaWiki' } }
        type: object
        description: |-
            Abstract list of footer icons for skins in place of old copyrightico and poweredbyico code
            You can add new icons to the built in copyright or poweredby, or you can create
            a new block. Though note that you may need to add some custom css to get good styling
            of new blocks in monobook. vector and modern should work without any special css.
            $wgFooterIcons itself is a key/value array.
            The key is the name of a block that the icons will be wrapped in. The final id varies
            by skin; Monobook and Vector will turn poweredby into f-poweredbyico while Modern
            turns it into mw_poweredby.
            The value is either key/value array of icons or a string.
            In the key/value array the key may or may not be used by the skin but it can
            be used to find the icon and unset it or change the icon if needed.
            This is useful for disabling icons that are set by extensions.
            The value should be either a string or an array. If it is a string it will be output
            directly as html, however some skins may choose to ignore it. An array is the preferred
            format for the icon, the following keys are used:
            - src: An absolute url to the image to use for the icon, this is recommended
                   but not required, however some skins will ignore icons without an image
            - srcset: optional additional-resolution images; see HTML5 specs
            - url: The url to use in the a element around the text or icon, if not set an a element will
                   not be outputted
            - alt: This is the text form of the icon, it will be displayed without an image in
                   skins like Modern or if src is not set, and will otherwise be used as
                   the alt="" for the image. This key is required.
            - width and height: If the icon specified by src is not of the standard size
                                you can specify the size of image to use with these keys.
                                Otherwise they will default to the standard 88x31.
            @todo Reformat documentation.
    UseCombinedLoginLink:
        default: false
        description: |-
            Login / create account link behavior when it's possible for anonymous users
            to create an account.
            - true = use a combined login / create account link
            - false = split login and create account into two separate links
    Edititis:
        default: false
        description: 'Display user edit counts in various prominent places.'
    Send404Code:
        default: true
        description: |-
            Some web hosts attempt to rewrite all responses with a 404 (not found)
            status code, mangling or hiding MediaWiki's output. If you are using such a
            host, you should start looking for a better one. While you're doing that,
            set this to false to convert some of MediaWiki's 404 responses to 200 so
            that the generated error pages can be seen.
            In cases where for technical reasons it is more important for MediaWiki to
            send the correct status code than for the body to be transmitted intact,
            this configuration variable is ignored.
    ShowRollbackEditCount:
        default: 10
        description: |-
            The $wgShowRollbackEditCount variable is used to show how many edits can be rolled back.
            The numeric value of the variable controls how many edits MediaWiki will look back to
            determine whether a rollback is allowed (by checking that they are all from the same author).
            If the value is false or 0, the edits are not counted. Disabling this will prevent MediaWiki
            from hiding some useless rollback links.
            @since 1.20
    EnableCanonicalServerLink:
        default: false
        description: |-
            Output a <link rel="canonical"> tag on every page indicating the canonical
            server which should be used, i.e. $wgServer or $wgCanonicalServer. Since
            detection of the current server is unreliable, the link is sent
            unconditionally.
    InterwikiLogoOverride:
        default: []
        type: array
        items:
            type: string
        description: |-
            List of interwiki logos overrides.
            This is used by the sister project sidebar. This list accept a key equal to the
            interwiki ID (as defined in the interwiki links), and accept a Codex icon name
            (https://doc.wikimedia.org/codex/latest/icons/all-icons.html) or a base URL for
            the given interwiki.
            Example :
            $wgInterwikiLogoOverride = [
                'c' => 'logoWikimediaCommons',
                'wikit' => 'https://mySpecialWiki.com'
            ];
    ResourceModules:
        default: {  }
        type: object
        description: |-
            Define extra client-side modules to be registered with ResourceLoader.
            @note It is recommended to define modules using the `ResourceModule` attribute
            in `extension.json` or `skin.json` when possible (instead of via PHP global variables).
            Registration is internally handled by ResourceLoader::register.
            ## Available modules
            Modules that ship with %MediaWiki core are registered via
            resources/Resources.php. For a full list with documentation, see:
            [ResourceLoader/Core_modules](https://www.mediawiki.org/wiki/ResourceLoader/Core_modules).
            ## Options
            - class `{string}`:
              By default a module is assumed to bundle file resources
              as handled by the MediaWiki\ResourceLoader\FileModule class. Use this option
              to use a different implementation of MediaWiki\ResourceLoader\Module instead.
              Default: `\MediaWiki\ResourceLoader\FileModule`
            - factory `{string}`:
              Override the instantiation of the MediaWiki\ResourceLoader\Module
              class using a PHP callback. This allows dependency injection to be used.
              This option cannot be combined with the `class` option.
              Since: MW 1.30
            - dependencies `{string[]|string}`:
              Modules that must be executed before this module.
              Module name string or list of module name strings.
              Default: `[]`
            - deprecated `{boolean|string}`:
              Whether the module is deprecated and usage is discouraged.
              Set to boolean true, or a string to include in the warning message.
              Default: `false`
            - group `{string}`:
              Optional request group to override which modules may be downloaded
              together in an HTTP batch request. By default, any two modules may be
              loaded together in the same batch request. Set this option to a
              descriptive string to give the module its own HTTP request. To allow
              other modules to join this new request, give those the same request group.
              Use this option with caution. The default behaviour is well-tuned already,
              and setting this often does more harm than good. For more about request
              balancing optimisations, see
              [ResourceLoader/Architecture#Balance](https://www.mediawiki.org/wiki/ResourceLoader/Architecture#Balance).
            - skipFunction `{string}`:
              Allow this module to be satisfied as dependency without actually loading
              or executing scripts from the server, if the specified JavaScript function
              returns true.
              Use this to provide polyfills that are natively available in newer browsers.
              Specify the relative path to a JavaScript file containing a top-level return
              statement. The contents of the file should not contain any wrapping function,
              it will be wrapped by %ResourceLoader in an anonymous function and invoked
              when the module is considered for loading.
            ## FileModule options
            - localBasePath `{string}`:
              Base file path to prepend to relative file paths specified in other options.
              Default: `$IP`
            - remoteBasePath `{string}`:
              Base URL path to prepend to relative file paths specified in other options.
              This is used to form URLs for files, such as when referencing images in
              stylesheets, or in debug mode to serve JavaScript files directly.
              Default: @ref $wgResourceBasePath (which defaults to @ref $wgScriptPath)
            - remoteExtPath `{string}`:
              Shortcut for `remoteBasePath` that is relative to $wgExtensionAssetsPath.
              Use this when defining modules from an extension, so as to avoid hardcoding
              the script path of the %MediaWiki install or the location of the extensions
              directory.
              This option is mutually exclusive with `remoteBasePath`.
            - styles `{string[]|string|array<string,array>}`:
              Styles to always include in the module.
              %File path or list of file paths, relative to `localBasePath`.
              The stylesheet can be automatically wrapped in a `@media` query by specifying
              the file path as the key in an object (instead of the value), with the value
              specifying a `media` query.
              See @ref wgResourceModules-example-stylesheet "Stylesheet examples" below.
              See also @ref $wgResourceModuleSkinStyles.
              Extended options:
              - skinStyles `{string[]|string}`: Styles to include in specific skin contexts.
                Array keyed is by skin name with file path or list of file paths as value,
                relative to `localBasePath`.
              Default: `[]`
            - noflip `{boolean}`:
              By default, CSSJanus will be used automatically to perform LTR-to-RTL flipping
              when loaded in a right-to-left (RTL) interface language context.
              Use this option to skip CSSJanus LTR-to-RTL flipping for this module, for example
              when registering an external library that already handles RTL styles.
              Default: `false`
            - packageFiles `{string[]|array[]}`
              Specify script files and (virtual) data files to include in the module.
              Each internal JavaScript file retains its own local module scope and its
              private exports can be accessed separately by other client-side code in the
              same module, via the local `require()` function.
              Modules that use package files should export any public API methods using
              `module.exports`.
              See examples at
                [ResourceLoader/Package_files](https://www.mediawiki.org/wiki/ResourceLoader/Package_files)
                on mediawiki.org.
              The `packageFiles` feature cannot be combined with legacy scripts that use
              the `scripts` option, including its extended variants `languageScripts`,
              `skinScripts`, and `debugScripts`.
              Since: MW 1.33
              Default: `[]`
            - scripts `{string[]|string|array[]}`:
              Scripts to always include in the module.
              %File path or list of file paths, relative to `localBasePath`.
              These files are concatenated blindly and executed as a single client-side script.
              Modules using this option are sometimes referred to as "legacy scripts" to
              distinguish them from those that use the `packageFiles` option.
              Modules that use legacy scripts usually attach any public APIs they have
              to the `mw` global variable. If a module contains just one file, it is also
              supported to use the newer `module.exports` mechanism, though if the module
              contains more than one legacy script, it is considered unsafe and unsupported
              to use this mechanism (use `packageFiles` instead). See also
              [Coding
                conventions/JavaScript](https://www.mediawiki.org/wiki/Manual:Coding_conventions/JavaScript#Exporting).
              Since MW 1.41, an element of `scripts` may be an array in the same format as
              packageFiles, giving a callback to call for content generation.
              Default: `[]`
              Extended options, concatenated in this order:
              - languageScripts `{string[]|string|array[]}`: Scripts to include in specific
                language contexts. Array is keyed by language code with file path or list of
                file path.
              - skinScripts `{string[]|string|array[]}`: Scripts to include in specific skin contexts.
                Array keyed is by skin name with file path or list of file paths.
              - debugScripts `{string[]|string|array[]}`: Scripts to include in debug contexts.
                %File path or list of file paths.
            - messages `{string[]}`
              Localisation messages to bundle with this module, for client-side use
              via `mw.msg()` and `mw.message()`. List of message keys.
              Default: `[]`
            - templates `{string[]}`
              List of template files to be loaded for client-side usage via `mw.templates`.
              Default: `[]`
            - es6 `{boolean}`:
              Since: MW 1.36; ignored since MW 1.41.
              Default: `true`
             - skipStructureTest `{boolean}`:
              Whether to skip ResourcesTest::testRespond(). Since MW 1.42.
              Default: `false`.
            ## Examples
            **Example: Using an alternate subclass**
            ```
            $wgResourceModules['ext.myExtension'] = [
              'class' => \MediaWiki\ResourceLoader\WikiModule::class,
            ];
            ```
            **Example: Deprecated module**
            ```
            $wgResourceModules['ext.myExtension'] = [
              'deprecated' => 'You should use ext.myExtension2 instead',
            ];
            ```
            **Example: Base paths in extension.json**
            ```
            "ext.myExtension": {
              "localBasePath": "modules/ext.MyExtension",
              "remoteExtPath": "MyExtension/modules/ext.MyExtension"
            }
            ```
            **Example: Base paths in core with PHP**
            ```
            $wgResourceModules['mediawiki.example'] = [
              'localBasePath' => "$IP/resources/src/mediawiki.example",
              'remoteBasePath' => "$wgResourceBasePath/resources/src/mediawiki.example",
            ];
            ```
            **Example: Define a skip function**
            ```
            $wgResourceModules['ext.myExtension.SomeWebAPI'] = [
              'skipFunction' => 'skip-SomeWebAPI.js',
            ];
            ```
            **Example: Contents of skip function file**
            ```
            return typeof SomeWebAPI === 'function' && SomeWebAPI.prototype.duckMethod;
            ```
            @anchor wgResourceModules-example-stylesheet
            **Example: Stylesheets**
            ```
            $wgResourceModules['example'] = [
              'styles' => [
                'foo.css',
                'bar.css',
              ],
            ];
            $wgResourceModules['example.media'] = [
              'styles' => [
                'foo.css' => [ 'media' => 'print' ],
            ];
            $wgResourceModules['example.mixed'] = [
              'styles' => [
                'foo.css',
                'bar.css' => [ 'media' => 'print' ],
              ],
            ];
            ```
            **Example: Package files**
            ```
            "ext.myExtension": {
                "localBasePath": "modules/ext.MyExtension",
                "remoteExtPath": "MyExtension/modules/ext.MyExtension",
                "packageFiles": [
                  "index.js",
                  "utils.js",
                  "data.json"
                ]
              }
            }
            ```
            **Example: Legacy scripts**
            ```
            $wgResourceModules['ext.myExtension'] = [
              'scripts' => [
                'modules/ext.myExtension/utils.js',
                'modules/ext.myExtension/myExtension.js',
              ],
              'languageScripts' => [
                'bs' => 'modules/ext.myExtension/languages/bs.js',
                'fi' => 'modules/ext.myExtension/languages/fi.js',
              ],
              'skinScripts' => [
                'default' => 'modules/ext.myExtension/skin-default.js',
              ],
              'debugScripts' => [
                'modules/ext.myExtension/debug.js',
              ],
            ];
            ```
            **Example: Template files**
            ```
            $wgResourceModules['ext.myExtension'] = [
              'templates' => [
                'templates/template.html',
                'templates/template2.html',
              ],
            ];
            ```
            @since 1.17
    ResourceModuleSkinStyles:
        default: {  }
        type: object
        description: |-
            Add extra skin-specific styles to a resource module.
            These are automatically added by ResourceLoader to the 'skinStyles' list of
            the existing module. The 'styles' list cannot be modified or disabled.
            For example, below a module "bar" is defined and skin Foo provides additional
            styles for it:
            **Example:**
            ```
            $wgResourceModules['bar'] = [
              'scripts' => 'resources/bar/bar.js',
              'styles' => 'resources/bar/main.css',
            ];
            $wgResourceModuleSkinStyles['foo'] = [
              'bar' => 'skins/Foo/bar.css',
            ];
            ```
            This is effectively equivalent to:
            **Equivalent:**
            ```
            $wgResourceModules['bar'] = [
              'scripts' => 'resources/bar/bar.js',
              'styles' => 'resources/bar/main.css',
              'skinStyles' => [
                'foo' => skins/Foo/bar.css',
              ],
            ];
            ```
            If the module already defines its own entry in `skinStyles` for a given skin, then
            $wgResourceModuleSkinStyles is ignored.
            If a module defines a `skinStyles['default']` the skin may want to extend that instead
            of replacing it. This can be done using the `+` prefix.
            **Example:**
            ```
            $wgResourceModules['bar'] = [
              'scripts' => 'resources/bar/bar.js',
              'styles' => 'resources/bar/basic.css',
              'skinStyles' => [
               'default' => 'resources/bar/additional.css',
              ],
            ];
            // Note the '+' character:
            $wgResourceModuleSkinStyles['foo'] = [
              '+bar' => 'skins/Foo/bar.css',
            ];
            ```
            This is effectively equivalent to:
            **Equivalent:**
            ```
            $wgResourceModules['bar'] = [
              'scripts' => 'resources/bar/bar.js',
              'styles' => 'resources/bar/basic.css',
              'skinStyles' => [
                'default' => 'resources/bar/additional.css',
                'foo' => [
                  'resources/bar/additional.css',
                  'skins/Foo/bar.css',
                ],
              ],
            ];
            ```
            In other words, as a module author, use the `styles` list for stylesheets that may not be
            disabled by a skin. To provide default styles that may be extended or replaced,
            use `skinStyles['default']`.
            As with $wgResourceModules, always set the localBasePath and remoteBasePath
            keys (or one of remoteExtPath/remoteSkinPath).
            **Example:**
            ```
            $wgResourceModuleSkinStyles['foo'] = [
              'bar' => 'bar.css',
              'quux' => 'quux.css',
              'remoteSkinPath' => 'Foo',
              'localBasePath' => __DIR__,
            ];
            ```
    ResourceLoaderSources:
        default: {  }
        type: object
        description: |-
            Extensions should register foreign module sources here. 'local' is a
            built-in source that is not in this array, but defined by
            ResourceLoader::__construct() so that it cannot be unset.
            **Example:**
            ```
            $wgResourceLoaderSources['foo'] = 'http://example.org/w/load.php';
            ```
    ResourceBasePath:
        default: null
        dynamicDefault:
            use: [ScriptPath]
            callback: [MediaWiki\MainConfigSchema, getDefaultResourceBasePath]
        description: |-
            The default 'remoteBasePath' value for instances of MediaWiki\ResourceLoader\FileModule.
            Defaults to $wgScriptPath.
    ResourceLoaderMaxage:
        default: {  }
        type: object
        description: |-
            Override how long a CDN or browser may cache a ResourceLoader HTTP response.
            Maximum time in seconds. Used for the `max-age` and `s-maxage` Cache-Control headers.
            Valid keys:
              - versioned
              - unversioned
            @see \MediaWiki\ResourceLoader\ResourceLoader::__construct
            @since 1.35
    ResourceLoaderUseObjectCacheForDeps:
        default: false
        description: |-
            Use the main stash instead of the module_deps table for indirect dependency tracking
            @unstable EXPERIMENTAL
            @since 1.35
    ResourceLoaderDebug:
        default: false
        description: |-
            The default debug mode (on/off) for of ResourceLoader requests.
            This will still be overridden when the debug URL parameter is used.
    ResourceLoaderMaxQueryLength:
        default: false
        type:
            - integer
            - boolean
        description: |-
            ResourceLoader will not generate URLs whose query string is more than
            this many characters long, and will instead use multiple requests with
            shorter query strings. Using multiple requests may degrade performance,
            but may be needed based on the query string limit supported by your web
            server and/or your user's web browsers.
            Default: `2000`.
            @see \MediaWiki\ResourceLoader\StartUpModule::getMaxQueryLength
            @since 1.17
    ResourceLoaderValidateJS:
        default: true
        description: |-
            Validate JavaScript code loaded from wiki pages.
            If a syntax error is found, the script is replaced with a warning
            logged to the browser console. This ensures errors are found early and
            consistently (independent of the editor's own browser), and prevents
            breaking other modules loaded in the same batch from load.php.
            @see \MediaWiki\ResourceLoader\Module::validateScriptFile
    ResourceLoaderEnableJSProfiler:
        default: false
        description: |-
            When enabled, execution of JavaScript modules is profiled client-side.
            Instrumentation happens in mw.loader.profiler.
            Use `mw.inspect('time')` from the browser console to display the data.
            @since 1.32
    ResourceLoaderStorageEnabled:
        default: true
        description: |-
            Whether ResourceLoader should attempt to persist modules in localStorage on
            browsers that support the Web Storage API.
    ResourceLoaderStorageVersion:
        default: 1
        description: |-
            Cache version for client-side ResourceLoader module storage. You can trigger
            invalidation of the contents of the module store by incrementing this value.
            @since 1.23
    ResourceLoaderEnableSourceMapLinks:
        default: true
        description: |-
            Whether to include a SourceMap header in ResourceLoader responses
            for JavaScript modules.
            @since 1.41
    AllowSiteCSSOnRestrictedPages:
        default: false
        description: |-
            Whether to allow site-wide CSS (MediaWiki:Common.css and friends) on
            restricted pages like Special:UserLogin or Special:Preferences where
            JavaScript is disabled for security reasons. As it is possible to
            execute JavaScript through CSS, setting this to true opens up a
            potential security hole. Some sites may "skin" their wiki by using
            site-wide CSS, causing restricted pages to look unstyled and different
            from the rest of the site.
            @since 1.25
    VueDevelopmentMode:
        default: false
        description: |-
            Whether to use the development version of Vue.js. This should be disabled
            for production installations. For development installations, enabling this
            provides useful additional warnings and checks.
            Even when this is disabled, using ResourceLoader's debug mode (?debug=true)
            will cause the development version to be loaded.
            @since 1.35
    MetaNamespace:
        default: false
        dynamicDefault:
            use: [Sitename]
            callback: [MediaWiki\MainConfigSchema, getDefaultMetaNamespace]
        description: |-
            Name of the project namespace. If left set to false, $wgSitename will be
            used instead.
    MetaNamespaceTalk:
        default: false
        description: |-
            Name of the project talk namespace.
            Normally you can ignore this and it will be something like
            $wgMetaNamespace . "_talk". In some languages, you may want to set this
            manually for grammatical reasons.
    CanonicalNamespaceNames:
        default:
            -2: Media
            -1: Special
            0: ''
            1: Talk
            2: User
            3: User_talk
            4: Project
            5: Project_talk
            6: File
            7: File_talk
            8: MediaWiki
            9: MediaWiki_talk
            10: Template
            11: Template_talk
            12: Help
            13: Help_talk
            14: Category
            15: Category_talk
        type: object
        description: |-
            Canonical namespace names.
            Must not be changed directly in configuration or by extensions, use $wgExtraNamespaces
            instead.
    ExtraNamespaces:
        default: {  }
        type: object
        description: |-
            Additional namespaces. If the namespaces defined in Language.php and
            Namespace.php are insufficient, you can create new ones here, for example,
            to import Help files in other languages. You can also override the namespace
            names of existing namespaces. Extensions should use the CanonicalNamespaces
            hook or extension.json.
            @warning Once you delete a namespace, the pages in that namespace will
            no longer be accessible. If you rename it, then you can access them through
            the new namespace name.
            Custom namespaces should start at 100 to avoid conflicting with standard
            namespaces, and should always follow the even/odd main/talk pattern.
            **Example:**
            ```
            $wgExtraNamespaces = [
               100 => "Hilfe",
               101 => "Hilfe_Diskussion",
               102 => "Aide",
               103 => "Discussion_Aide"
            ];
            ```
            @todo Add a note about maintenance/namespaceDupes.php
    ExtraGenderNamespaces:
        default: {  }
        type: object
        description: |-
            Same as above, but for namespaces with gender distinction.
            Note: the default form for the namespace should also be set
            using $wgExtraNamespaces for the same index.
            @since 1.18
    NamespaceAliases:
        default: {  }
        type: object
        description: |-
            Define extra namespace aliases.
            These are alternate names for the primary localised namespace names, which
            are defined by $wgExtraNamespaces and the language file. If a page is
            requested with such a prefix, the request will be redirected to the primary
            name.
            Set this to a map from namespace names to IDs.
            **Example:**
            ```
            $wgNamespaceAliases = [
                'Wikipedian' => NS_USER,
                'Help' => 100,
            ];
            ```
            @see \Language::getNamespaceAliases for accessing the full list of aliases,
            including those defined by other means.
    LegalTitleChars:
        default: ' %!"$&''()*,\-.\/0-9:;=?@A-Z\\^_`a-z~\x80-\xFF+'
        deprecated: 'since 1.41; use Extension:TitleBlacklist to customize'
        description: |-
            Allowed title characters -- regex character class
            Don't change this unless you know what you're doing
            Problematic punctuation:
              -  []}|#     Are needed for link syntax, never enable these
              -  <>        Causes problems with HTML escaping, don't use
              -  %         Enabled by default, minor problems with path to query rewrite rules, see below
              -  +         Enabled by default, but doesn't work with path to query rewrite rules,
                           corrupted by apache
              -  ?         Enabled by default, but doesn't work with path to PATH_INFO rewrites
            All three of these punctuation problems can be avoided by using an alias,
            instead of a rewrite rule of either variety.
            The problem with % is that when using a path to query rewrite rule, URLs are
            double-unescaped: once by Apache's path conversion code, and again by PHP. So
            %253F, for example, becomes "?". Our code does not double-escape to compensate
            for this, indeed double escaping would break if the double-escaped title was
            passed in the query string rather than the path. This is a minor security issue
            because articles can be created such that they are hard to view or edit.
            In some rare cases you may wish to remove + for compatibility with old links.
            @deprecated since 1.41; use Extension:TitleBlacklist or (soon)
            Extension:AbuseFilter to customize this set.
    CapitalLinks:
        default: true
        description: |-
            Set this to false to avoid forcing the first letter of links to capitals.
            @warning may break links! This makes links COMPLETELY case-sensitive. Links
            appearing with a capital at the beginning of a sentence will *not* go to the
            same place as links in the middle of a sentence using a lowercase initial.
    CapitalLinkOverrides:
        default: {  }
        type: object
        description: |-
            @since 1.16 - This can now be set per-namespace. Some special namespaces (such as Special,
                see NamespaceInfo::$alwaysCapitalizedNamespaces for the full list) must be true by
                default (and setting them has no effect), due to various things that require them to be
                so. Also, since Talk namespaces need to directly mirror their associated content
                namespaces, the values for those are ignored in favor of the subject namespace's
                setting. Setting for NS_MEDIA is taken automatically from NS_FILE.
            **Example:**
            ```
            $wgCapitalLinkOverrides[ NS_FILE ] = false;
            ```
    NamespacesWithSubpages:
        default:
            1: true
            2: true
            3: true
            4: true
            5: true
            7: true
            8: true
            9: true
            10: true
            11: true
            12: true
            13: true
            15: true
        type: object
        description: |-
            Which namespaces should support subpages?
            See Language.php for a list of namespaces.
    ContentNamespaces:
        default:
            - 0
        type: array
        description: |-
            Array of namespaces which can be deemed to contain valid "content", as far
            as the site statistics are concerned. Useful if additional namespaces also
            contain "content" which should be considered when generating a count of the
            number of articles in the wiki.
    ShortPagesNamespaceExclusions:
        default: []
        type: array
        description: |-
            Optional array of namespaces which should be excluded from Special:ShortPages.
            Only pages inside $wgContentNamespaces but not $wgShortPagesNamespaceExclusions will
            be shown on that page.
            @since 1.37; previously $wgShortPagesNamespaceBlacklist
    ExtraSignatureNamespaces:
        default: []
        type: array
        description: |-
            Array of namespaces, in addition to the talk namespaces, where signatures
            (~~~~) are likely to be used. This determines whether to display the
            Signature button on the edit toolbar, and may also be used by extensions.
            For example, "traditional" style wikis, where content and discussion are
            intermixed, could place NS_MAIN and NS_PROJECT namespaces in this array.
    InvalidRedirectTargets:
        default:
            - Filepath
            - Mypage
            - Mytalk
            - Redirect
            - Mylog
        type: array
        description: |-
            Array of invalid page redirect targets.
            Attempting to create a redirect to any of the pages in this array
            will make the redirect fail.
            Userlogout is hard-coded, so it does not need to be listed here.
            (T12569) Disallow Mypage and Mytalk as well.
            As of now, this only checks special pages. Redirects to pages in
            other namespaces cannot be invalidated by this variable.
    DisableHardRedirects:
        default: false
        description: |-
            Disable redirects to special pages and interwiki redirects, which use a 302
            and have no "redirected from" link.
            @note This is only for articles with #REDIRECT in them. URL's containing a
            local interwiki prefix (or a non-canonical special page name) are still hard
            redirected regardless of this setting.
    FixDoubleRedirects:
        default: false
        description: |-
            Fix double redirects after a page move.
            Tends to conflict with page move vandalism, use only on a private wiki.
    LocalInterwikis:
        default: []
        type: array
        description: |-
            Array for local interwiki values, for each of the interwiki prefixes that point to
            the current wiki.
            Note, recent changes feeds use only the first entry in this array. See $wgRCFeeds.
    InterwikiExpiry:
        default: 10800
        description: 'Expiry time for cache of interwiki table'
    InterwikiCache:
        default: false
        type:
            - boolean
            - object
        mergeStrategy: replace
        description: |-
            Interwiki cache as an associative array.
            When set, the InterwikiLookup service will not use the built-in `interwiki` database table,
            but instead use this static array as its source.
            This cache data structure can be generated by the `dumpInterwiki.php` maintenance
            script (which lives in the WikimediaMaintenance repository) and has key
            formats such as the following:
             - dbname:key - a simple key (e.g. enwiki:meta)
             - _sitename:key - site-scope key (e.g. wiktionary:meta)
             - __global:key - global-scope key (e.g. __global:meta)
             - __sites:dbname - site mapping (e.g. __sites:enwiki)
            Sites mapping just specifies site name, other keys provide "local url"
            data layout.
            @see \MediaWiki\Interwiki\ClassicInterwikiLookup
    InterwikiScopes:
        default: 3
        description: |-
            Specify number of domains to check for messages.
            - 1: Just wiki(db)-level
            - 2: wiki and global levels
            - 3: site levels
    InterwikiFallbackSite:
        default: wiki
        description: 'Fallback site, if unable to resolve from cache'
    RedirectSources:
        default: false
        description: |-
            If local interwikis are set up which allow redirects,
            set this regexp to restrict URLs which will be displayed
            as 'redirected from' links.
            **Example:**
            It might look something like this:
            ```
            $wgRedirectSources = '!^https?://[a-z-]+\.wikipedia\.org/!';
            ```
            Leave at false to avoid displaying any incoming redirect markers.
            This does not affect intra-wiki redirects, which don't change
            the URL.
    SiteTypes:
        default:
            mediawiki: MediaWiki\Site\MediaWikiSite
        type: object
        description: |-
            Register handlers for specific types of sites.
            @since 1.21
    MaxTocLevel:
        default: 999
        description: 'Maximum indent level of toc.'
    MaxPPNodeCount:
        default: 1000000
        description: |-
            A complexity limit on template expansion: the maximum number of nodes visited
            by PPFrame::expand()
    MaxTemplateDepth:
        default: 100
        description: |-
            Maximum recursion depth for templates within templates.
            The current parser adds two levels to the PHP call stack for each template,
            and xdebug limits the call stack to 256 by default. So this should hopefully
            stop the parser before it hits the xdebug limit.
    MaxPPExpandDepth:
        default: 100
        description: '@see self::MaxTemplateDepth'
    UrlProtocols:
        default:
            - 'bitcoin:'
            - 'ftp://'
            - 'ftps://'
            - 'geo:'
            - 'git://'
            - 'gopher://'
            - 'http://'
            - 'https://'
            - 'irc://'
            - 'ircs://'
            - 'magnet:'
            - 'mailto:'
            - 'matrix:'
            - 'mms://'
            - 'news:'
            - 'nntp://'
            - 'redis://'
            - 'sftp://'
            - 'sip:'
            - 'sips:'
            - 'sms:'
            - 'ssh://'
            - 'svn://'
            - 'tel:'
            - 'telnet://'
            - 'urn:'
            - 'worldwind://'
            - 'xmpp:'
            - //
        type: array
        description: |-
            URL schemes that should be recognized as valid by wfParseUrl().
            WARNING: Do not add 'file:' to this or internal file links will be broken.
            Instead, if you want to support file links, add 'file://'. The same applies
            to any other protocols with the same name as a namespace. See task T46011 for
            more information.
            @see \wfParseUrl
    CleanSignatures:
        default: true
        description: 'If true, removes (by substituting) templates in signatures.'
    AllowExternalImages:
        default: false
        description: 'Whether to allow inline image pointing to other websites'
    AllowExternalImagesFrom:
        default: ''
        description: |-
            If the above is false, you can specify an exception here. Image URLs
            that start with this string are then rendered, while all others are not.
            You can use this to set up a trusted, simple repository of images.
            You may also specify an array of strings to allow multiple sites
            **Examples:**
            ```
            $wgAllowExternalImagesFrom = 'http://127.0.0.1/';
            $wgAllowExternalImagesFrom = [ 'http://127.0.0.1/', 'http://example.com' ];
            ```
    EnableImageWhitelist:
        default: false
        description: |-
            If $wgAllowExternalImages is false, you can allow an on-wiki
            allow list of regular expression fragments to match the image URL
            against. If the image matches one of the regular expression fragments,
            the image will be displayed.
            Set this to true to enable the on-wiki allow list (MediaWiki:External image whitelist)
            Or false to disable it
            @since 1.14
    TidyConfig:
        default: {  }
        type: object
        description: |-
            Configuration for HTML postprocessing tool. Set this to a configuration
            array to enable an external tool. By default, we now use the RemexHtml
            library; historically, other postprocessors were used.
            Setting this to null will use default settings.
            Keys include:
             - treeMutationTrace: a boolean to turn on Remex tracing
             - serializerTrace: a boolean to turn on Remex tracing
             - mungerTrace: a boolean to turn on Remex tracing
             - pwrap: whether <p> wrapping should be done (default true)
            See includes/tidy/RemexDriver.php for detail on configuration.
            Overriding the default configuration is strongly discouraged in
            production.
    ParsoidSettings:
        default:
            useSelser: true
        type: object
        description: |-
            Default Parsoid configuration.
            Overriding the default configuration is strongly discouraged in
            production.
            @since 1.39
    ParserEnableLegacyMediaDOM:
        default: false
        deprecated: 'since 1.41'
        description: |-
            Enable legacy media HTML structure in the output from the Parser.  The
            alternative modern HTML structure that replaces it is described at
            https://www.mediawiki.org/wiki/Parsing/Media_structure
            @deprecated since 1.41
            @since 1.36
    ParserEnableLegacyHeadingDOM:
        default: true
        description: |-
            Enable legacy HTML structure for headings in the output from the Parser.
            The legacy structure includes section edit links (and other markup added
            by some extensions) inside the headings rather than outside them, leading
            to poor accessibility. This doesn't affect headings on special pages.
            Note that each skin also has to indicate support for the new structure.
            More information: https://www.mediawiki.org/wiki/Heading_HTML_changes
            @since 1.43
    UseContentMediaStyles:
        default: false
        deprecated: 'since 1.41'
        description: |-
            Enable shipping the styles for the media HTML structure that replaces
            legacy, when $wgParserEnableLegacyMediaDOM is `false`.  This is configured
            separately so that it can continue to be served after the latter is disabled
            but still in the cache.
            @deprecated since 1.41
            @internal Temporary flag, T51097.
            @since 1.38
    UseLegacyMediaStyles:
        default: false
        description: |-
            Disable shipping the styles for the legacy media HTML structure
            that has been replaced when $wgParserEnableLegacyMediaDOM is `false`.  This is
            configured separately to give time for templates and extensions that mimic the
            parser output to be migrated away.
            @internal Temporary feature flag for T318433.
            @since 1.41
    RawHtml:
        default: false
        description: |-
            Allow raw, unchecked HTML in "<html>...</html>" sections.
            THIS IS VERY DANGEROUS on a publicly editable site, so USE $wgGroupPermissions
            TO RESTRICT EDITING to only those that you trust
    ExternalLinkTarget:
        default: false
        description: |-
            Set a default target for external links, e.g. _blank to pop up a new window.
            This will also set the "noreferrer" and "noopener" link rel to prevent the
            attack described at https://mathiasbynens.github.io/rel-noopener/ .
            Some older browsers may not support these link attributes, hence
            setting $wgExternalLinkTarget to _blank may represent a security risk
            to some of your users.
    NoFollowLinks:
        default: true
        description: |-
            If true, external URL links in wiki text will be given the
            rel="nofollow" attribute as a hint to search engines that
            they should not be followed for ranking purposes as they
            are user-supplied and thus subject to spamming.
    NoFollowNsExceptions:
        default: []
        type: array
        description: |-
            Namespaces in which $wgNoFollowLinks doesn't apply.
            See Language.php for a list of namespaces.
    NoFollowDomainExceptions:
        default:
            - mediawiki.org
        type: array
        description: |-
            If this is set to an array of domains, external links to these domain names
            (or any subdomains) will not be set to rel="nofollow" regardless of the
            value of $wgNoFollowLinks.  For instance:
            $wgNoFollowDomainExceptions = [ 'en.wikipedia.org', 'wiktionary.org', 'mediawiki.org' ];
            This would add rel="nofollow" to links to de.wikipedia.org, but not
            en.wikipedia.org, wiktionary.org, en.wiktionary.org, us.en.wikipedia.org,
            etc.
            Defaults to mediawiki.org for the links included in the software by default.
    RegisterInternalExternals:
        default: false
        description: |-
            By default MediaWiki does not register links pointing to same server in
            externallinks dataset, use this value to override:
    AllowDisplayTitle:
        default: true
        description: 'Allow DISPLAYTITLE to change title display'
    RestrictDisplayTitle:
        default: true
        description: |-
            For consistency, restrict DISPLAYTITLE to text that normalizes to the same
            canonical DB key. Also disallow some inline CSS rules like display: none;
            which can cause the text to be hidden or unselectable.
    ExpensiveParserFunctionLimit:
        default: 100
        description: |-
            Maximum number of calls per parse to expensive parser functions such as
            PAGESINCATEGORY.
    PreprocessorCacheThreshold:
        default: 1000
        description: |-
            Preprocessor caching threshold
            Setting it to 'false' will disable the preprocessor cache.
    EnableScaryTranscluding:
        default: false
        description: 'Enable interwiki transcluding.  Only when iw_trans=1 in the interwiki table.'
    TranscludeCacheExpiry:
        default: 3600
        description: |-
            Expiry time for transcluded templates cached in object cache.
            Only used $wgEnableInterwikiTranscluding is set to true.
    EnableMagicLinks:
        default:
            ISBN: false
            PMID: false
            RFC: false
        type: object
        description: |-
            Enable the magic links feature of automatically turning ISBN xxx,
            PMID xxx, RFC xxx into links
            @since 1.28
    ArticleCountMethod:
        default: link
        description: |-
            Method used to determine if a page in a content namespace should be counted
            as a valid article.
            Redirect pages will never be counted as valid articles.
            This variable can have the following values:
            - 'any': all pages as considered as valid articles
            - 'link': the page must contain a [[wiki link]] to be considered valid
            See also See https://www.mediawiki.org/wiki/Manual:Article_count
            Retroactively changing this variable will not affect the existing count,
            to update it, you will need to run the maintenance/updateArticleCount.php
            script.
    ActiveUserDays:
        default: 30
        description: |-
            How many days user must be idle before he is considered inactive. Will affect
            the number shown on Special:Statistics, Special:ActiveUsers, and the
            {{NUMBEROFACTIVEUSERS}} magic word in wikitext.
            You might want to leave this as the default value, to provide comparable
            numbers between different wikis.
    LearnerEdits:
        default: 10
        description: |-
            The following variables define 3 user experience levels:
            - newcomer: has not yet reached the 'learner' level
            - learner: has at least $wgLearnerEdits and has been
                       a member for $wgLearnerMemberSince days
                       but has not yet reached the 'experienced' level.
            - experienced: has at least $wgExperiencedUserEdits edits and
                           has been a member for $wgExperiencedUserMemberSince days.
    LearnerMemberSince:
        default: 4
        description: |-
            Number of days the user must exist before becoming a learner.
            @see self::LearnerEdits
    ExperiencedUserEdits:
        default: 500
        description: |-
            Number of edits the user must have before becoming "experienced".
            @see self::LearnerEdits
    ExperiencedUserMemberSince:
        default: 30
        description: |-
            Number of days the user must exist before becoming "experienced".
            @see self::LearnerEdits
    ManualRevertSearchRadius:
        default: 15
        type: integer
        description: |-
            Maximum number of revisions of a page that will be checked against every new edit
            made to determine whether the edit was a manual revert.
            Computational time required increases roughly linearly with this configuration
            variable.
            Larger values will let you detect very deep reverts, but at the same time can give
            unexpected results (such as marking large amounts of edits as reverts) and may slow
            down the wiki slightly when saving new edits.
            Setting this to 0 will disable the manual revert detection feature entirely.
            See this document for a discussion on this topic:
            https://meta.wikimedia.org/wiki/Research:Revert
            @since 1.36
    RevertedTagMaxDepth:
        default: 15
        type: integer
        description: |-
            Maximum depth (revision count) of reverts that will have their reverted edits marked
            with the mw-reverted change tag. Reverts deeper than that will not have any edits
            marked as reverted at all.
            Large values can lead to lots of revisions being marked as "reverted", which may appear
            confusing to users.
            Setting this to 0 will disable the reverted tag entirely.
            @since 1.36
    CentralIdLookupProviders:
        default:
            local: { class: MediaWiki\User\CentralId\LocalIdLookup, services: [MainConfig, DBLoadBalancerFactory, HideUserUtils] }
        type: object
        description: |-
            Central ID lookup providers
            Key is the provider ID, value is a specification for ObjectFactory
            @since 1.27
    CentralIdLookupProvider:
        default: local
        type: string
        description: 'Central ID lookup provider to use by default'
    UserRegistrationProviders:
        default:
            local: { class: MediaWiki\User\Registration\LocalUserRegistrationProvider, services: [UserFactory] }
        type: object
        description: |-
            User registration timestamp provider classes
            @since 1.41
    PasswordPolicy:
        default:
            policies: { bureaucrat: { MinimalPasswordLength: 10, MinimumPasswordLengthToLogin: 1 }, sysop: { MinimalPasswordLength: 10, MinimumPasswordLengthToLogin: 1 }, interface-admin: { MinimalPasswordLength: 10, MinimumPasswordLengthToLogin: 1 }, bot: { MinimalPasswordLength: 10, MinimumPasswordLengthToLogin: 1 }, default: { MinimalPasswordLength: { value: 8, suggestChangeOnLogin: true }, PasswordCannotBeSubstringInUsername: { value: true, suggestChangeOnLogin: true }, PasswordCannotMatchDefaults: { value: true, suggestChangeOnLogin: true }, MaximalPasswordLength: { value: 4096, suggestChangeOnLogin: true }, PasswordNotInCommonList: { value: true, suggestChangeOnLogin: true } } }
            checks: { MinimalPasswordLength: [MediaWiki\Password\PasswordPolicyChecks, checkMinimalPasswordLength], MinimumPasswordLengthToLogin: [MediaWiki\Password\PasswordPolicyChecks, checkMinimumPasswordLengthToLogin], PasswordCannotBeSubstringInUsername: [MediaWiki\Password\PasswordPolicyChecks, checkPasswordCannotBeSubstringInUsername], PasswordCannotMatchDefaults: [MediaWiki\Password\PasswordPolicyChecks, checkPasswordCannotMatchDefaults], MaximalPasswordLength: [MediaWiki\Password\PasswordPolicyChecks, checkMaximalPasswordLength], PasswordNotInCommonList: [MediaWiki\Password\PasswordPolicyChecks, checkPasswordNotInCommonList] }
        type: object
        mergeStrategy: array_replace_recursive
        description: |-
            Password policy for the wiki.
            Structured as
            ```
            [
                'policies' => [ <group> => [ <policy> => <settings>, ... ], ... ],
                'checks' => [ <policy> => <callback>, ... ],
            ]
            ```
            where <group> is a user group, <policy> is a password policy name
            (arbitrary string) defined in the 'checks' part, <callback> is the
            PHP callable implementing the policy check, <settings> is an array
            of options with the following keys:
            - value: (number, boolean or null) the value to pass to the callback
            - forceChange: (boolean, default false) if the password is invalid, do
              not let the user log in without changing the password
            - suggestChangeOnLogin: (boolean, default false) if true and the password is
              invalid, suggest a password change if logging in. If all the failing policies
              that apply to the user have this set to false, the password change
              screen will not be shown. 'forceChange' takes precedence over
              'suggestChangeOnLogin' if they are both present.
            As a shorthand for [ 'value' => <value> ], simply <value> can be written.
            When multiple password policies are defined for a user, the settings
            arrays are merged, and for fields which are set in both arrays, the
            larger value (as understood by PHP's 'max' method) is taken.
            A user's effective policy is the superset of all policy statements
            from the policies for the groups where the user is a member. If more
            than one group policy include the same policy statement, the value is
            the max() of the values. Note true > false. The 'default' policy group
            is required, and serves as the minimum policy for all users.
            Callbacks receive three arguments: the policy value, the User object
            and the password; and must return a StatusValue. A non-good status
            means the password will not be accepted for new accounts, and existing
            accounts will be prompted for password change or barred from logging in
            (depending on whether the status is a fatal or merely error/warning).
            The checks supported by core are:
            - MinimalPasswordLength - Minimum length a user can set.
            - MinimumPasswordLengthToLogin - Passwords shorter than this will
               not be allowed to login, or offered a chance to reset their password
               as part of the login workflow, regardless if it is correct.
            - MaximalPasswordLength - maximum length password a user is allowed
               to attempt. Prevents DoS attacks with pbkdf2.
            - PasswordCannotBeSubstringInUsername - Password cannot be a substring
               (contained within) the username.
            - PasswordCannotMatchDefaults - Username/password combination cannot
               match a list of default passwords used by MediaWiki in the past.
            - PasswordNotInCommonList - Password not in best practices list of
               100,000 commonly used passwords. Due to the size of the list this
               is a probabilistic test.
            If you add custom checks, for Special:PasswordPolicies to display them correctly,
            every check should have a corresponding passwordpolicies-policy-<check> message,
            and every settings field other than 'value' should have a corresponding
            passwordpolicies-policyflag-<flag> message (<check> and <flag> are in lowercase).
            The check message receives the policy value as a parameter, the flag message
            receives the flag value (or values if it's an array).
            @since 1.26
            @see \MediaWiki\Password\PasswordPolicyChecks
            @see \MediaWiki\User\User::checkPasswordValidity()
    AuthManagerConfig:
        default: null
        type:
            - object
            - 'null'
        description: |-
            Configure AuthManager
            All providers are constructed using ObjectFactory, see that for the general
            structure. The array may also contain a key "sort" used to order providers:
            providers are stably sorted by this value, which should be an integer
            (default is 0).
            Elements are:
            - preauth: Array (keys ignored) of specifications for PreAuthenticationProviders
            - primaryauth: Array (keys ignored) of specifications for PrimaryAuthenticationProviders
            - secondaryauth: Array (keys ignored) of specifications for SecondaryAuthenticationProviders
            @since 1.27
            @note If this is null or empty, the value from $wgAuthManagerAutoConfig is
            used instead. Local customization should generally set this variable from
            scratch to the desired configuration. Extensions that want to
            auto-configure themselves should use $wgAuthManagerAutoConfig instead.
    AuthManagerAutoConfig:
        default:
            preauth: { MediaWiki\Auth\ThrottlePreAuthenticationProvider: { class: MediaWiki\Auth\ThrottlePreAuthenticationProvider, sort: 0 } }
            primaryauth: { MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider: { class: MediaWiki\Auth\TemporaryPasswordPrimaryAuthenticationProvider, services: [DBLoadBalancerFactory, UserOptionsLookup], args: [{ authoritative: false }], sort: 0 }, MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider: { class: MediaWiki\Auth\LocalPasswordPrimaryAuthenticationProvider, services: [DBLoadBalancerFactory], args: [{ authoritative: true }], sort: 100 } }
            secondaryauth: { MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider: { class: MediaWiki\Auth\CheckBlocksSecondaryAuthenticationProvider, sort: 0 }, MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider: { class: MediaWiki\Auth\ResetPasswordSecondaryAuthenticationProvider, sort: 100 }, MediaWiki\Auth\EmailNotificationSecondaryAuthenticationProvider: { class: MediaWiki\Auth\EmailNotificationSecondaryAuthenticationProvider, services: [DBLoadBalancerFactory], sort: 200 } }
        type: object
        mergeStrategy: array_plus_2d
        description: |-
            @see self::AuthManagerConfig
            @since 1.27
    RememberMe:
        default: choose
        type: string
        description: |-
            Configures RememberMe authentication request added by AuthManager. It can show a "remember
            me" checkbox that, when checked, will cause it to take more time for the authenticated
            session to expire. It can also be configured to always or to never extend the authentication
            session.
            Valid values are listed in RememberMeAuthenticationRequest::ALLOWED_FLAGS.
            @since 1.36
    ReauthenticateTime:
        default:
            default: 300
        type: object
        additionalProperties:
            type: integer
        description: |-
            Time frame for re-authentication.
            With only password-based authentication, you'd just ask the user to re-enter
            their password to verify certain operations like changing the password or
            changing the account's email address. But under AuthManager, the user might
            not have a password (you might even have to redirect the browser to a
            third-party service or something complex like that), you might want to have
            both factors of a two-factor authentication, and so on. So, the options are:
            - Incorporate the whole multi-step authentication flow within everything
              that needs to do this.
            - Consider it good if they used Special:UserLogin during this session within
              the last X seconds.
            - Come up with a third option.
            MediaWiki currently takes the second option. This setting configures the
            "X seconds".
            This allows for configuring different time frames for different
            "operations". The operations used in MediaWiki core include:
            - LinkAccounts
            - UnlinkAccount
            - ChangeCredentials
            - RemoveCredentials
            - ChangeEmail
            Additional operations may be used by extensions, either explicitly by
            calling AuthManager::securitySensitiveOperationStatus(),
            ApiAuthManagerHelper::securitySensitiveOperation() or
            SpecialPage::checkLoginSecurityLevel(), or implicitly by overriding
            SpecialPage::getLoginSecurityLevel() or by subclassing
            AuthManagerSpecialPage.
            The key 'default' is used if a requested operation isn't defined in the array.
            @since 1.27
    AllowSecuritySensitiveOperationIfCannotReauthenticate:
        default:
            default: true
        type: object
        additionalProperties:
            type: boolean
        description: |-
            Whether to allow security-sensitive operations when re-authentication is not possible.
            If AuthManager::canAuthenticateNow() is false (e.g. the current
            SessionProvider is not able to change users, such as when OAuth is in use),
            AuthManager::securitySensitiveOperationStatus() cannot sensibly return
            SEC_REAUTH. Setting an operation true here will have it return SEC_OK in
            that case, while setting it false will have it return SEC_FAIL.
            The key 'default' is used if a requested operation isn't defined in the array.
            @since 1.27
            @see self::ReauthenticateTime
    ChangeCredentialsBlacklist:
        default:
            - MediaWiki\Auth\TemporaryPasswordAuthenticationRequest
        type: array
        items:
            type: string
        description: |-
            List of AuthenticationRequest class names which are not changeable through
            Special:ChangeCredentials and the changeauthenticationdata API.
            This is only enforced on the client level; AuthManager itself (e.g.
            AuthManager::allowsAuthenticationDataChange calls) is not affected.
            Class names are checked for exact match (not for subclasses).
            @since 1.27
    RemoveCredentialsBlacklist:
        default:
            - MediaWiki\Auth\PasswordAuthenticationRequest
        type: array
        items:
            type: string
        description: |-
            List of AuthenticationRequest class names which are not removable through
            Special:RemoveCredentials and the removeauthenticationdata API.
            This is only enforced on the client level; AuthManager itself (e.g.
            AuthManager::allowsAuthenticationDataChange calls) is not affected.
            Class names are checked for exact match (not for subclasses).
            @since 1.27
    InvalidPasswordReset:
        default: true
        description: |-
            Specifies if users should be sent to a password-reset form on login, if their
            password doesn't meet the requirements of User::isValidPassword().
            @since 1.23
    PasswordDefault:
        default: pbkdf2
        description: |-
            Default password type to use when hashing user passwords.
            Must be set to a type defined in $wgPasswordConfig, or a type that
            is registered by default in PasswordFactory.php.
            @since 1.24
    PasswordConfig:
        default:
            A: { class: MediaWiki\Password\MWOldPassword }
            B: { class: MediaWiki\Password\MWSaltedPassword }
            pbkdf2-legacyA: { class: MediaWiki\Password\LayeredParameterizedPassword, types: [A, pbkdf2] }
            pbkdf2-legacyB: { class: MediaWiki\Password\LayeredParameterizedPassword, types: [B, pbkdf2] }
            bcrypt: { class: MediaWiki\Password\BcryptPassword, cost: 9 }
            pbkdf2: { class: MediaWiki\Password\Pbkdf2PasswordUsingOpenSSL, algo: sha512, cost: '30000', length: '64' }
            argon2: { class: MediaWiki\Password\Argon2Password, algo: auto }
        type: object
        description: |-
            Configuration for built-in password types.
            Maps the password type to an array of options:
            - class: The Password class to use.
            - factory (since 1.40): A function that creates and returns a suitable Password object.
              This option is intended only for internal use; the function signature is unstable and
              subject to change in future versions.
            All other options are class-dependent.
            An advanced example:
            ```
            $wgPasswordConfig['bcrypt-peppered'] = [
                'class' => EncryptedPassword::class,
                'underlying' => 'bcrypt',
                'secrets' => [
                    hash( 'sha256', 'secret', true ),
                ],
                'cipher' => 'aes-256-cbc',
            ];
            ```
            @since 1.24
    PasswordResetRoutes:
        default:
            username: true
            email: true
        type: object
        description: |-
            Whether to allow password resets ("enter some identifying data, and we'll send an email
            with a temporary password you can use to get back into the account") identified by
            various bits of data.  Setting all of these to false (or the whole variable to false)
            has the effect of disabling password resets entirely
    MaxSigChars:
        default: 255
        description: 'Maximum number of Unicode characters in signature'
    SignatureValidation:
        default: warning
        description: |-
            Behavior of signature validation. Allowed values are:
             - 'warning' - invalid signatures cause a warning to be displayed on the preferences page,
            but they are still used when signing comments; new invalid signatures can still be saved as
            normal
             - 'new' - existing invalid signatures behave as above; new invalid signatures can't be
            saved
             - 'disallow' - existing invalid signatures are no longer used when signing comments; new
            invalid signatures can't be saved
            @since 1.35
    SignatureAllowedLintErrors:
        default:
            - obsolete-tag
        type: array
        description: |-
            List of lint error codes which don't cause signature validation to fail.
            @see https://www.mediawiki.org/wiki/Help:Lint_errors
            @since 1.35
    MaxNameChars:
        default: 255
        description: |-
            Maximum number of bytes in username. You want to run the maintenance
            script ./maintenance/checkUsernames.php once you have changed this value.
    ReservedUsernames:
        default:
            - 'MediaWiki default'
            - 'Conversion script'
            - 'Maintenance script'
            - 'Template namespace initialisation script'
            - ScriptImporter
            - 'Delete page script'
            - 'Move page script'
            - 'Command line script'
            - 'Unknown user'
            - 'msg:double-redirect-fixer'
            - 'msg:usermessage-editor'
            - 'msg:proxyblocker'
            - 'msg:sorbs'
            - 'msg:spambot_username'
            - 'msg:autochange-username'
        type: array
        description: |-
            Array of usernames which may not be registered or logged in from
            Maintenance scripts can still use these
            @see \MediaWiki\User\User::MAINTENANCE_SCRIPT_USER
    DefaultUserOptions:
        default:
            ccmeonemails: 0
            date: default
            diffonly: 0
            diff-type: table
            disablemail: 0
            editfont: monospace
            editondblclick: 0
            editrecovery: 0
            editsectiononrightclick: 0
            email-allow-new-users: 1
            enotifminoredits: 0
            enotifrevealaddr: 0
            enotifusertalkpages: 1
            enotifwatchlistpages: 1
            extendwatchlist: 1
            fancysig: 0
            forceeditsummary: 0
            forcesafemode: 0
            gender: unknown
            hidecategorization: 1
            hideminor: 0
            hidepatrolled: 0
            imagesize: 2
            minordefault: 0
            newpageshidepatrolled: 0
            nickname: ''
            norollbackdiff: 0
            prefershttps: 1
            previewonfirst: 0
            previewontop: 1
            pst-cssjs: 1
            rcdays: 7
            rcenhancedfilters-disable: 0
            rclimit: 50
            requireemail: 0
            search-match-redirect: true
            search-special-page: Search
            search-thumbnail-extra-namespaces: true
            searchlimit: 20
            showhiddencats: 0
            shownumberswatching: 1
            showrollbackconfirmation: 0
            skin: false
            skin-responsive: 1
            thumbsize: 5
            underline: 2
            useeditwarning: 1
            uselivepreview: 0
            usenewrc: 1
            watchcreations: 1
            watchdefault: 1
            watchdeletion: 0
            watchlistdays: 7
            watchlisthideanons: 0
            watchlisthidebots: 0
            watchlisthidecategorization: 1
            watchlisthideliu: 0
            watchlisthideminor: 0
            watchlisthideown: 0
            watchlisthidepatrolled: 0
            watchlistreloadautomatically: 0
            watchlistunwatchlinks: 0
            watchmoves: 0
            watchrollback: 0
            watchuploads: 1
            wlenhancedfilters-disable: 0
            wllimit: 250
        type: object
        description: |-
            Settings added to this array will override the default globals for the user
            preferences used by anonymous visitors and newly created accounts.
            For instance, to disable editing on double clicks:
            $wgDefaultUserOptions ['editondblclick'] = 0;
            To save storage space, no user_properties row will be stored for users with the
            default setting for a given option, even if the user manually selects that option.
            This means that a change to the defaults will change the setting for all users who
            have been using the default setting; there is no way for users to opt out of this.
            $wgConditionalUserOptions can be used to change the default value for future users
            only.
            @see self::ConditionalUserOptions
    ConditionalUserOptions:
        default: {  }
        type: object
        description: |-
            Conditional defaults for user options
            Map of user options to conditional defaults descriptors, which is an array
            of conditional cases [ VALUE, CONDITION1, CONDITION2 ], where VALUE is the default value for
            all users that meet ALL conditions, and each CONDITION is either a:
                (a) a CUDCOND_* constant (when condition does not take any arguments), or
                (b) an array [ CUDCOND_*, argument1, argument1, ... ] (when chosen condition takes at
                    least one argument).
            When `null` is used as the VALUE, it is interpreted as "no conditional default for this
            condition". In other words, `null` and $wgDefaultUserOptions['user-option'] can be used
            interchangeably as the VALUE.
            All conditions are evaluated in order. When no condition matches.
            $wgDefaultUserOptions is used instead.
            Example of valid configuration:
              $wgConditionalUserOptions['user-option'] = [
                  [ 'registered in 2024', [ CUDCOND_AFTER, '20240101000000' ] ]
              ];
            List of valid conditions:
              * CUDCOND_AFTER: user registered after given timestamp (args: string $timestamp)
              * CUDCOND_ANON: allows specifying a default for anonymous (logged-out, non-temporary) users
              * CUDCOND_NAMED: allows specifying a default for named (registered, non-temporary) users
              * CUDCOND_USERGROUP: users with a specific user group
            @since 1.42
            @see self::DefaultUserOptions
    HiddenPrefs:
        default: []
        type: array
        description: 'An array of preferences to not show for the user'
    InvalidUsernameCharacters:
        default: '@:>='
        description: |-
            Characters to prevent during new account creations.
            This is used in a regular expression character class during
            registration (regex metacharacters like / are escaped).
    UserrightsInterwikiDelimiter:
        default: '@'
        description: |-
            Character used as a delimiter when testing for interwiki userrights
            (In Special:UserRights, it is possible to modify users on different
            databases if the delimiter is used, e.g. "Someuser@enwiki").
            It is recommended that you have this delimiter in
            $wgInvalidUsernameCharacters above, or you will not be able to
            modify the user rights of those users via Special:UserRights
    SecureLogin:
        default: false
        description: |-
            This is to let user authenticate using https when they come from http.
            Based on an idea by George Herbert on wikitech-l:
            https://lists.wikimedia.org/pipermail/wikitech-l/2010-October/050039.html
            @since 1.17
    AuthenticationTokenVersion:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Versioning for authentication tokens.
            If non-null, this is combined with the user's secret (the user_token field
            in the DB) to generate the token cookie. Changing this will invalidate all
            active sessions (i.e. it will log everyone out).
            @since 1.27
    SessionProviders:
        type: object
        default:
            MediaWiki\Session\CookieSessionProvider: { class: MediaWiki\Session\CookieSessionProvider, args: [{ priority: 30 }] }
            MediaWiki\Session\BotPasswordSessionProvider: { class: MediaWiki\Session\BotPasswordSessionProvider, args: [{ priority: 75 }], services: [GrantsInfo] }
        description: |-
            MediaWiki\Session\SessionProvider configuration.
            Values are ObjectFactory specifications for the SessionProviders to be
            used. Keys in the array are ignored; the class name is conventionally
            used as the key to avoid collisions. Order is not significant.
            @since 1.27
    AllowRequiringEmailForResets:
        default: false
        description: |-
            Whether users will see a checkbox allowing them to require providing email during password resets.
            @unstable EXPERIMENTAL This feature is under development, don't assume this flag's existence
            or function outside of Wikimedia Foundation wikis.
    AutoCreateTempUser:
        properties:
            known: { type: boolean, default: false }
            enabled: { type: boolean, default: false }
            actions: { type: array, default: [edit] }
            genPattern: { type: string, default: ~$1 }
            matchPattern: { type: [string, array, 'null'], default: null }
            reservedPattern: { type: [string, 'null'], default: ~$1 }
            serialProvider: { type: object, default: { type: local, useYear: true } }
            serialMapping: { type: object, default: { type: plain-numeric } }
            expireAfterDays: { type: [integer, 'null'], default: 90 }
            notifyBeforeExpirationDays: { type: [integer, 'null'], default: 10 }
        type: object
        description: |-
            Configuration for automatic creation of temporary accounts on page save.
            This can be enabled to avoid exposing the IP addresses of casual editors who
            do not explicitly create an account.
            @warning This is EXPERIMENTAL, enabling may break extensions.
            An associative array with the following keys:
              - known: (bool) Whether auto-creation is known about. Set this to 'true' if
                temp accounts have been created on this wiki already. This setting allows
                temp users to be recognized even if auto-creation is currently disabled.
                If auto-creation is enabled via the 'enabled' property, then 'known' is
                overriden to true.
              - enabled: (bool) Whether auto-creation is enabled. If changing this
                value from 'true' to 'false', you should also set 'known' to true, so
                that relevant code can continue to identify temporary accounts as
                visually and conceptually distinct from anonymous accounts and named accounts.
              - actions: (array) A list of actions for which the feature is enabled.
                Currently only "edit" is supported.
              - genPattern: (string) The pattern used when generating new usernames.
                This should have "$1" indicating the place where the serial string will
                be substituted.
              - matchPattern: (string|string[]|null) The pattern used when determining whether a
                username is a temporary user. This affects the rights of the user
                and also prevents explicit creation of users with matching names.
                This is ignored if "enabled" is false. If the value is null, the
                the genPattern value is used as the matchPattern.
              - reservedPattern: (string) A pattern used to determine whether a
                username should be denied for explicit creation, in addition to
                matchPattern. This is used even if "enabled" is false.
              - serialProvider: (array) Configuration for generation of unique integer
                indexes which are used to make temporary usernames.
                  - type: (string) May be "local" to allocate indexes using the local
                    database. If the CentralAuth extension is enabled, it may be
                    "centralauth". Extensions may plug in additional types using the
                    TempUserSerialProviders attribute.
                  - numShards (int, default 1): A small integer. This can be set to a
                    value greater than 1 to avoid acquiring a global lock when
                    allocating IDs, at the expense of making the IDs be non-monotonic.
                  - useYear: (bool) Restart at 1 each time the year changes (in UTC).
                    To avoid naming conflicts, the year is included in the name after
                    the prefix, in the form 'YYYY-'.
              - serialMapping: (array) Configuration for mapping integer indexes to strings
                to substitute into genPattern.
                  - type: (string) May be
                    - "plain-numeric" to use ASCII decimal numbers
                    - "localized-numeric" to use numbers localized using a specific language
                    - "filtered-radix" to use numbers in an arbitrary base between 2 and 36,
                      with an optional list of "bad" IDs to skip over.
                    - "scramble": to use ASCII decimal numbers that are short but
                      non-consecutive.
                  - language: (string) With "localized-numeric", the language code
                  - radix: (int) With "filtered-radix", the base
                  - badIndexes: (array) With "filtered-radix", an array with the bad unmapped
                    indexes in the values. The integers must be sorted and the list
                    must never change after the indexes have been allocated. The keys must
                    be zero-based array indexes.
                  - uppercase: (bool) With "filtered-radix", whether to use uppercase
                    letters, default false.
                  - offset: (int) With "plain-numeric", a constant to add to the stored index.
               - expireAfterDays: (int|null, default 90) If not null, how many days should the temporary
                 accounts expire? Requires expireTemporaryAccounts.php to be periodically executed in
                 order to work.
               - notifyBeforeExpirationDays: (int|null, default 10) If not null, how many days before the
                 expiration of a temporary account should it be notified that their account is to be expired.
            @unstable EXPERIMENTAL
            @since 1.39
        default: null
    AutoblockExpiry:
        default: 86400
        description: 'Number of seconds before autoblock entries expire. Default 86400 = 1 day.'
    BlockAllowsUTEdit:
        default: true
        description: |-
            Set this to true to allow blocked users to edit their own user talk page.
            This only applies to sitewide blocks. Partial blocks always allow users to
            edit their own user talk page unless otherwise specified in the block
            restrictions.
    BlockCIDRLimit:
        default:
            IPv4: 16
            IPv6: 19
        type: object
        description: |-
            Limits on the possible sizes of range blocks.
            CIDR notation is hard to understand, it's easy to mistakenly assume that a
            /1 is a small range and a /31 is a large range. For IPv4, setting a limit of
            half the number of bits avoids such errors, and allows entire ISPs to be
            blocked using a small number of range blocks.
            For IPv6, RFC 3177 recommends that a /48 be allocated to every residential
            customer, so range blocks larger than /64 (half the number of bits) will
            plainly be required. RFC 4692 implies that a very large ISP may be
            allocated a /19 if a generous HD-Ratio of 0.8 is used, so we will use that
            as our limit. As of 2012, blocking the whole world would require a /4 range.
    BlockDisablesLogin:
        default: false
        description: |-
            If true, sitewide blocked users will not be allowed to login. (Direct
            blocks only; IP blocks are ignored.) This can be used to remove users'
            read access on a private wiki.
    EnablePartialActionBlocks:
        default: false
        type: boolean
        description: |-
            Flag to enable partial blocks against performing certain actions.
            @unstable Temporary feature flag, T280532
            @since 1.37
    EnableMultiBlocks:
        default: false
        type: boolean
        description: |-
            If this is false, the number of blocks of a given target is limited to only 1.
            @since 1.42
    BlockTargetMigrationStage:
        default: 768
        type: integer
        description: |4-
             Ipblocks table schema migration stage, for normalizing ipb_address field and
            	adding the block_target table.
            Use the SCHEMA_COMPAT_XXX flags. Supported values:
              - SCHEMA_COMPAT_OLD
              - SCHEMA_COMPAT_WRITE_BOTH | SCHEMA_COMPAT_READ_OLD
              - SCHEMA_COMPAT_NEW
            History:
              - 1.42: Added
              - 1.43: Default changed from SCHEMA_COMPAT_OLD to SCHEMA_COMPAT_NEW
              - 1.43: Deprecated, ignored, SCHEMA_COMPAT_NEW is implied
            @deprecated since 1.43
    WhitelistRead:
        default: false
        description: |-
            Pages anonymous user may see, set as an array of pages titles.
            **Example:**
            ```
            $wgWhitelistRead = [ "Main Page", "Wikipedia:Help" ];
            ```
            Special:Userlogin and Special:ChangePassword are always allowed.
            @note This will only work if $wgGroupPermissions['*']['read'] is false --
            see below. Otherwise, ALL pages are accessible, regardless of this setting.
            @note Also that this will only protect _pages in the wiki_. Uploaded files
            will remain readable. You can use img_auth.php to protect uploaded files,
            see https://www.mediawiki.org/wiki/Manual:Image_Authorization
            @note Extensions should not modify this, but use the TitleReadWhitelist
            hook instead.
    WhitelistReadRegexp:
        default: false
        description: |-
            Pages anonymous user may see, set as an array of regular expressions.
            This function will match the regexp against the title name, which
            is without underscore.
            **Example:**
            To whitelist [[Main Page]]:
            ```
            $wgWhitelistReadRegexp = [ "/Main Page/" ];
            ```
            @note Unless ^ and/or $ is specified, a regular expression might match
            pages not intended to be allowed.  The above example will also
            allow a page named 'Security Main Page'.
            **Example:**
            To allow reading any page starting with 'User' regardless of the case:
            ```
            $wgWhitelistReadRegexp = [ "@^UsEr.*@i" ];
            ```
            Will allow both [[User is banned]] and [[User:JohnDoe]]
            @note This will only work if $wgGroupPermissions['*']['read'] is false --
            see below. Otherwise, ALL pages are accessible, regardless of this setting.
    EmailConfirmToEdit:
        default: false
        description: |-
            Should editors be required to have a validated e-mail
            address before being allowed to edit?
    HideIdentifiableRedirects:
        default: true
        description: |-
            Should MediaWiki attempt to protect user's privacy when doing redirects?
            Keep this true if access counts to articles are made public.
    GroupPermissions:
        type: object
        additionalProperties:
            type: object
            additionalProperties: { type: boolean }
        mergeStrategy: array_plus_2d
        default:
            '*': { createaccount: true, read: true, edit: true, createpage: true, createtalk: true, viewmyprivateinfo: true, editmyprivateinfo: true, editmyoptions: true }
            user: { move: true, move-subpages: true, move-rootuserpages: true, move-categorypages: true, movefile: true, read: true, edit: true, createpage: true, createtalk: true, upload: true, reupload: true, reupload-shared: true, minoredit: true, editmyusercss: true, editmyuserjson: true, editmyuserjs: true, editmyuserjsredirect: true, sendemail: true, applychangetags: true, changetags: true, editcontentmodel: true, viewmywatchlist: true, editmywatchlist: true }
            autoconfirmed: { autoconfirmed: true, editsemiprotected: true }
            bot: { bot: true, autoconfirmed: true, editsemiprotected: true, nominornewtalk: true, autopatrol: true, suppressredirect: true, apihighlimits: true }
            sysop: { block: true, createaccount: true, delete: true, bigdelete: true, deletedhistory: true, deletedtext: true, undelete: true, editinterface: true, editsitejson: true, edituserjson: true, import: true, importupload: true, move: true, move-subpages: true, move-rootuserpages: true, move-categorypages: true, patrol: true, autopatrol: true, protect: true, editprotected: true, rollback: true, upload: true, reupload: true, reupload-shared: true, unwatchedpages: true, autoconfirmed: true, editsemiprotected: true, ipblock-exempt: true, blockemail: true, markbotedits: true, apihighlimits: true, browsearchive: true, noratelimit: true, movefile: true, unblockself: true, suppressredirect: true, mergehistory: true, managechangetags: true, deletechangetags: true }
            interface-admin: { editinterface: true, editsitecss: true, editsitejson: true, editsitejs: true, editusercss: true, edituserjson: true, edituserjs: true }
            bureaucrat: { userrights: true, noratelimit: true, renameuser: true }
            suppress: { hideuser: true, suppressrevision: true, viewsuppressed: true, suppressionlog: true, deleterevision: true, deletelogentry: true }
        description: |-
            Permission keys given to users in each group.
            This is an array where the keys are all groups and each value is an
            array of the format (right => boolean).
            The second format is used to support per-namespace permissions.
            Note that this feature does not fully work for all permission types.
            All users are implicitly in the '*' group including anonymous visitors;
            logged-in users are all implicitly in the 'user' group. These will be
            combined with the permissions of all groups that a given user is listed
            in the user_groups table.
            Note: Don't set $wgGroupPermissions = []; unless you know what you're
            doing! This will wipe all permissions, and may mean that your users are
            unable to perform certain essential tasks or access new functionality
            when new permissions are introduced and default grants established.
            Functionality to make pages inaccessible has not been extensively tested
            for security. Use at your own risk!
            This replaces $wgWhitelistAccount and $wgWhitelistEdit
    PrivilegedGroups:
        default:
            - bureaucrat
            - interface-admin
            - suppress
            - sysop
        type: array
        description: |-
            List of groups which should be considered privileged (user accounts
            belonging in these groups can be abused in dangerous ways).
            This is used for some security checks, mainly logging.
            @since 1.41
            @see \MediaWiki\User\UserGroupManager::getUserPrivilegedGroups()
    RevokePermissions:
        default: {  }
        type: object
        mergeStrategy: array_plus_2d
        description: |-
            Permission keys revoked from users in each group.
            This acts the same way as $wgGroupPermissions above, except that
            if the user is in a group here, the permission will be removed from them.
            Improperly setting this could mean that your users will be unable to perform
            certain essential tasks, so use at your own risk!
    GroupInheritsPermissions:
        default: {  }
        type: object
        additionalProperties:
            type: string
        description: |-
            Groups that should inherit permissions from another group
            This allows defining a group that inherits its permissions
            from another group without having to copy all the permission
            grants over. For example, if you wanted a manual "confirmed"
            group that had the same permissions as "autoconfirmed":
            ```
            $wgGroupInheritsPermissions['confirmed'] = 'autoconfirmed';
            ```
            Recursive inheritance is currently not supported. In the above
            example, confirmed will only gain the permissions explicitly
            granted (or revoked) from autoconfirmed, not any permissions
            that autoconfirmed might inherit.
            @since 1.38
    ImplicitGroups:
        default:
            - '*'
            - user
            - autoconfirmed
        type: array
        description: 'Implicit groups, aren''t shown on Special:Listusers or somewhere else'
    GroupsAddToSelf:
        default: {  }
        type: object
        description: |-
            A map of group names that the user is in, to group names that those users
            are allowed to add or revoke.
            Setting the list of groups to add or revoke to true is equivalent to "any
            group".
            **Example:**
            To allow sysops to add themselves to the "bot" group:
            ```
            $wgGroupsAddToSelf = [ 'sysop' => [ 'bot' ] ];
            ```
            **Example:**
            Implicit groups may be used for the source group, for instance:
            ```
            $wgGroupsRemoveFromSelf = [ '*' => true ];
            ```
            This allows users in the '*' group (i.e. any user) to remove themselves from
            any group that they happen to be in.
    GroupsRemoveFromSelf:
        default: {  }
        type: object
        description: '@see self::GroupsAddToSelf'
    RestrictionTypes:
        default:
            - create
            - edit
            - move
            - upload
        type: array
        description: |-
            Set of available actions that can be restricted via action=protect
            You probably shouldn't change this.
            Translated through restriction-* messages.
            RestrictionStore::listApplicableRestrictionTypes() will remove restrictions that are not
            applicable to a specific title (create and upload)
    RestrictionLevels:
        default:
            - ''
            - autoconfirmed
            - sysop
        type: array
        description: |-
            Rights which can be required for each protection level (via action=protect)
            You can add a new protection level that requires a specific
            permission by manipulating this array. The ordering of elements
            dictates the order on the protection form's lists.
              - '' will be ignored (i.e. unprotected)
              - 'autoconfirmed' is quietly rewritten to 'editsemiprotected' for backwards compatibility
              - 'sysop' is quietly rewritten to 'editprotected' for backwards compatibility
    CascadingRestrictionLevels:
        default:
            - sysop
        type: array
        description: |-
            Restriction levels that can be used with cascading protection
            A page can only be protected with cascading protection if the
            requested restriction level is included in this array.
            'autoconfirmed' is quietly rewritten to 'editsemiprotected' for backwards compatibility.
            'sysop' is quietly rewritten to 'editprotected' for backwards compatibility.
    SemiprotectedRestrictionLevels:
        default:
            - autoconfirmed
        type: array
        description: |-
            Restriction levels that should be considered "semiprotected"
            Certain places in the interface recognize a dichotomy between "protected"
            and "semiprotected", without further distinguishing the specific levels. In
            general, if anyone can be eligible to edit a protection level merely by
            reaching some condition in $wgAutopromote, it should probably be considered
            "semiprotected".
            'autoconfirmed' is quietly rewritten to 'editsemiprotected' for backwards compatibility.
            'sysop' is not changed, since it really shouldn't be here.
    NamespaceProtection:
        default: {  }
        type: object
        description: |-
            Set the minimum permissions required to edit pages in each
            namespace.  If you list more than one permission, a user must
            have all of them to edit pages in that namespace.
            @note NS_MEDIAWIKI is implicitly restricted to 'editinterface'.
    NonincludableNamespaces:
        default: {  }
        type: object
        description: |-
            Pages in namespaces in this array can not be used as templates.
            Elements MUST be numeric namespace ids, you can safely use the MediaWiki
            namespaces constants (NS_USER, NS_MAIN...).
            Among other things, this may be useful to enforce read-restrictions
            which may otherwise be bypassed by using the template mechanism.
    AutoConfirmAge:
        default: 0
        description: |-
            Number of seconds an account is required to age before it's given the
            implicit 'autoconfirm' group membership. This can be used to limit
            privileges of new accounts.
            Accounts created by earlier versions of the software may not have a
            recorded creation date, and will always be considered to pass the age test.
            When left at 0, all registered accounts will pass.
            **Example:**
            Set automatic confirmation to 10 minutes (which is 600 seconds):
            ```
            $wgAutoConfirmAge = 600;     // ten minutes
            ```
            Set age to one day:
            ```
            $wgAutoConfirmAge = 3600*24; // one day
            ```
    AutoConfirmCount:
        default: 0
        description: |-
            Number of edits an account requires before it is autoconfirmed.
            Passing both this AND the time requirement is needed. Example:
            **Example:**
            ```
            $wgAutoConfirmCount = 50;
            ```
    Autopromote:
        default:
            autoconfirmed: ['&', [1, null], [2, null]]
        type: object
        description: |-
            Array containing the conditions of automatic promotion of a user to specific groups.
            The basic syntax for `$wgAutopromote` is:
                $wgAutopromote = [
                    'groupname' => cond,
                    'group2' => cond2,
                ];
            A `cond` may be:
             - a single condition without arguments:
                 Note that Autopromote wraps a single non-array value into an array
                 e.g. `APCOND_EMAILCONFIRMED` OR
                      [ `APCOND_EMAILCONFIRMED` ]
             - a single condition with arguments:
                 e.g. `[ APCOND_EDITCOUNT, 100 ]`
             - a set of conditions:
                 e.g. `[ 'operand', cond1, cond2, ... ]`
            When constructing a set of conditions, the following conditions are available:
             - `&` (**AND**):
                 promote if user matches **ALL** conditions
             - `|` (**OR**):
                 promote if user matches **ANY** condition
             - `^` (**XOR**):
                 promote if user matches **ONLY ONE OF THE CONDITIONS**
             - `!` (**NOT**):
                 promote if user matces **NO** condition
             - [ APCOND_EMAILCONFIRMED ]:
                 true if user has a confirmed e-mail
             - [ APCOND_EDITCOUNT, number of edits (if null or missing $wgAutoConfirmCount will be used)]:
                 true if user has the at least the number of edits as the passed parameter
             - [ APCOND_AGE, seconds since registration (if null or missing $wgAutoConfirmAge will be used)]:
                 true if the length of time since the user created his/her account
                 is at least the same length of time as the passed parameter
             - [ APCOND_AGE_FROM_EDIT, seconds since first edit ]:
                 true if the length of time since the user made his/her first edit
                 is at least the same length of time as the passed parameter
             - [ APCOND_INGROUPS, group1, group2, ... ]:
                 true if the user is a member of each of the passed groups
             - [ APCOND_ISIP, ip ]:
                 true if the user has the passed IP address
             - [ APCOND_IPINRANGE, range ]:
                 true if the user has an IP address in the range of the passed parameter
             - [ APCOND_BLOCKED ]:
                 true if the user is sitewide blocked
             - [ APCOND_ISBOT ]:
                 true if the user is a bot
             - similar constructs can be defined by extensions
            The sets of conditions are evaluated recursively, so you can use nested sets of conditions
            linked by operands.
            Note that if $wgEmailAuthentication is disabled, APCOND_EMAILCONFIRMED will be true for any
            user who has provided an e-mail address.
    AutopromoteOnce:
        default:
            onEdit: []
        type: object
        description: |-
            Automatically add a usergroup to any user who matches certain conditions.
            Does not add the user to the group again if it has been removed.
            Also, does not remove the group if the user no longer meets the criteria.
            The format is:
            ```
            [ event => criteria, ... ]
            ```
            Where event is either:
               - 'onEdit' (when user edits)
            Criteria has the same format as $wgAutopromote
            @see self::Autopromote
            @since 1.18
    AutopromoteOnceLogInRC:
        default: true
        description: |-
            Put user rights log entries for autopromotion in recent changes?
            @since 1.18
    AddGroups:
        default: {  }
        type: object
        description: |-
            $wgAddGroups and $wgRemoveGroups can be used to give finer control over who
            can assign which groups at Special:Userrights.
            **Example:**
            Bureaucrats can add any group:
            ```
            $wgAddGroups['bureaucrat'] = true;
            ```
            Bureaucrats can only remove bots and sysops:
            ```
            $wgRemoveGroups['bureaucrat'] = [ 'bot', 'sysop' ];
            ```
            Sysops can make bots:
            ```
            $wgAddGroups['sysop'] = [ 'bot' ];
            ```
            Sysops can disable other sysops in an emergency, and disable bots:
            ```
            $wgRemoveGroups['sysop'] = [ 'sysop', 'bot' ];
            ```
    RemoveGroups:
        default: {  }
        type: object
        description: '@see self::AddGroups'
    AvailableRights:
        default: []
        type: array
        items:
            type: string
        description: |-
            A list of available rights, in addition to the ones defined by the core.
            Rights in this list are denied unless explicitly granted, typically
            using GroupPermissions.
            For extensions only.
            @see self::GroupPermissions
            @see self::ImplicitRights
    ImplicitRights:
        default: []
        type: array
        items:
            type: string
        description: |-
            A list of implicit rights, in addition to the ones defined by the core.
            Rights in this list are granted implicitly to all users, but rate limits
            may apply to them.
            Extensions that define rate limits should add the corresponding right to
            either ImplicitRights or AvailableRights, depending on whether the right
            should be granted to everyone.
            @since 1.41
            @see self::RateLimits
            @see self::AvailableRights
    DeleteRevisionsLimit:
        default: 0
        description: |-
            Optional to restrict deletion of pages with higher revision counts
            to users with the 'bigdelete' permission. (Default given to sysops.)
    DeleteRevisionsBatchSize:
        default: 1000
        description: |-
            Page deletions with > this number of revisions will use the job queue.
            Revisions will be archived in batches of (at most) this size, one batch per job.
    HideUserContribLimit:
        default: 1000
        description: |-
            The maximum number of edits a user can have and
            can still be hidden by users with the hideuser permission.
            This is limited for performance reason.
            Set to false to disable the limit.
            @since 1.23
    AccountCreationThrottle:
        default:
            - { count: 0, seconds: 86400 }
        type:
            - integer
            - array
        description: |-
            Number of accounts each IP address may create per specified period(s).
            **Example:**
            ```
            $wgAccountCreationThrottle = [
             // no more than 100 per month
             [
              'count' => 100,
              'seconds' => 30*86400,
             ],
             // no more than 10 per day
             [
              'count' => 10,
              'seconds' => 86400,
             ],
            ];
            ```
            @note For backwards compatibility reasons, this may also be given as a single
                  integer, representing the number of account creations per day.
            @see self::TempAccountCreationThrottle for the temporary accounts version of
                  this throttle
            @warning Requires $wgMainCacheType to be enabled
    TempAccountCreationThrottle:
        default:
            - { count: 6, seconds: 86400 }
        type: array
        description: |-
            Number of temporary accounts each IP address may create per specified period(s).
            **Example:**
            ```
            $wgTempAccountCreationThrottle = [
             // no more than 100 per month
             [
              'count' => 100,
              'seconds' => 30*86400,
             ],
             // no more than 6 per day
             [
              'count' => 6,
              'seconds' => 86400,
             ],
            ];
            ```
            @see self::AccountCreationThrottle for the regular account version of this throttle.
            @warning Requires $wgMainCacheType to be enabled
            @since 1.42
    TempAccountNameAcquisitionThrottle:
        default:
            - { count: 60, seconds: 86400 }
        type: array
        description: |-
            Number of temporary accounts usernames each IP address may acquire per specified period(s).
            This should be set to a higher value than TempAccountCreationThrottle.
            On editing, we first attempt to acquire a temp username before proceeding with saving an edit
            and potentially creating a temp account if the edit save is successful.
            Some edits may fail (due to core or extensions denying an edit); this throttle ensures that
            there are limits to the number of temporary account names that can be acquired and stored in
            the database.
            **Example:**
            ```
            $wgTempAccountNameAcquisitionThrottle = [
             // no more than 100 per month
             [
              'count' => 100,
              'seconds' => 30*86400,
             ],
             // no more than 60 per day
             [
              'count' => 60,
              'seconds' => 86400,
             ],
            ];
            ```
            @see self::TempAccountCreationThrottle Make sure that TempAccountNameAcquisitionThrottle is greater than or
              equal to TempAccountCreationThrottle
            @warning Requires $wgMainCacheType to be enabled
            @since 1.42
    SpamRegex:
        default: []
        type: array
        description: |-
            Edits matching these regular expressions in body text
            will be recognised as spam and rejected automatically.
            There's no administrator override on-wiki, so be careful what you set. :)
            May be an array of regexes or a single string for backwards compatibility.
            @see https://en.wikipedia.org/wiki/Regular_expression
            @note Each regex needs a beginning/end delimiter, eg: # or /
    SummarySpamRegex:
        default: []
        type: array
        description: 'Same as SpamRegex except for edit summaries'
    EnableDnsBlacklist:
        default: false
        description: |-
            Whether to use DNS blacklists in $wgDnsBlacklistUrls to check for open
            proxies
            @since 1.16
    DnsBlacklistUrls:
        default:
            - http.dnsbl.sorbs.net.
        type: array
        description: |-
            List of DNS blacklists to use, if $wgEnableDnsBlacklist is true.
            This is an array of either a URL or an array with the URL and a key (should
            the blacklist require a key).
            **Example:**
            ```
            $wgDnsBlacklistUrls = [
              // String containing URL
              'http.dnsbl.sorbs.net.',
              // Array with URL and key, for services that require a key
              [ 'dnsbl.httpbl.net.', 'mykey' ],
              // Array with just the URL. While this works, it is recommended that you
              // just use a string as shown above
              [ 'opm.tornevall.org.' ]
            ];
            ```
            @note You should end the domain name with a . to avoid searching your
            eventual domain search suffixes.
            @since 1.16
    ProxyList:
        default: []
        type:
            - string
            - array
        description: |-
            List of banned IP addresses.
            This can have the following formats:
            - An array of addresses
            - A string, in which case this is the path to a file
              containing the list of IP addresses, one per line
    ProxyWhitelist:
        default: []
        type: array
        description: |-
            Proxy whitelist, list of addresses that are assumed to be non-proxy despite
            what the other methods might say.
    SoftBlockRanges:
        default: []
        type: array
        items:
            type: string
        description: |-
            IP ranges that should be considered soft-blocked (anon-only, account
            creation allowed). The intent is to use this to prevent anonymous edits from
            shared resources such as Wikimedia Labs.
            @since 1.29
    ApplyIpBlocksToXff:
        default: false
        description: |-
            Whether to look at the X-Forwarded-For header's list of (potentially spoofed)
            IPs and apply IP blocks to them. This allows for IP blocks to work with correctly-configured
            (transparent) proxies without needing to block the proxies themselves.
    RateLimits:
        default:
            edit: { ip: [8, 60], newbie: [8, 60], user: [90, 60] }
            move: { newbie: [2, 120], user: [8, 60] }
            upload: { ip: [8, 60], newbie: [8, 60] }
            rollback: { user: [10, 60], newbie: [5, 120] }
            mailpassword: { ip: [5, 3600] }
            sendemail: { ip: [5, 86400], newbie: [5, 86400], user: [20, 86400] }
            changeemail: { ip-all: [10, 3600], user: [4, 86400] }
            confirmemail: { ip-all: [10, 3600], user: [4, 86400] }
            purge: { ip: [30, 60], user: [30, 60] }
            linkpurge: { ip: [30, 60], user: [30, 60] }
            renderfile: { ip: [700, 30], user: [700, 30] }
            renderfile-nonstandard: { ip: [70, 30], user: [70, 30] }
            stashedit: { ip: [30, 60], newbie: [30, 60] }
            stashbasehtml: { ip: [5, 60], newbie: [5, 60] }
            changetags: { ip: [8, 60], newbie: [8, 60] }
            editcontentmodel: { newbie: [2, 120], user: [8, 60] }
        type: object
        mergeStrategy: array_plus_2d
        description: |-
            Simple rate limiter options to brake edit floods.
            Maximum number actions allowed in the given number of seconds; after that
            the violating client receives HTTP 500 error pages until the period
            elapses.
            **Example:**
            Limits per configured per action and then type of users.
            ```
            $wgRateLimits = [
                'edit' => [
                    'anon' => [ x, y ], // any and all anonymous edits (aggregate)
                    'user' => [ x, y ], // each logged-in user
                    'user-global' => [ x, y ], // per username, across all sites (assumes names are
            global)
                    'newbie' => [ x, y ], // each new autoconfirmed accounts; overrides 'user'
                    'ip' => [ x, y ], // each anon and recent account, across all sites
                    'subnet' => [ x, y ], // ... within a /24 subnet in IPv4 or /64 in IPv6
                    'ip-all' => [ x, y ], // per ip, across all sites
                    'subnet-all' => [ x, y ], // ... within a /24 subnet in IPv4 or /64 in IPv6
                    'groupName' => [ x, y ], // by group membership
                ]
            ];
            ```
            **Normally, the 'noratelimit' right allows a user to bypass any rate**
            limit checks. This can be disabled on a per-action basis by setting the
            special '&can-bypass' key to false in that action's configuration.
            ```
            $wgRateLimits = [
                'some-action' => [
                    '&can-bypass' => false,
                    'user' => [ x, y ],
            ];
            ```
            @see self::ImplicitRights
            @warning Requires that $wgMainCacheType is set to something persistent
    RateLimitsExcludedIPs:
        default: []
        type: array
        description: |-
            Array of IPs / CIDR ranges which should be excluded from rate limits.
            This may be useful for allowing NAT gateways for conferences, etc.
    PutIPinRC:
        default: true
        description: |-
            Log IP addresses in the recentchanges table; can be accessed only by
            extensions (e.g. CheckUser) or a DB admin
            Used for retroactive autoblocks
    QueryPageDefaultLimit:
        default: 50
        description: |-
            Integer defining default number of entries to show on
            special pages which are query-pages such as Special:Whatlinkshere.
    PasswordAttemptThrottle:
        default:
            - { count: 5, seconds: 300 }
            - { count: 150, seconds: 172800 }
        type: array
        description: |-
            Limit password attempts to X attempts per Y seconds per IP per account.
            Value is an array of arrays. Each sub-array must have a key for count
            (ie count of how many attempts before throttle) and a key for seconds.
            If the key 'allIPs' (case sensitive) is present, then the limit is
            just per account instead of per IP per account.
            @since 1.27 allIps support and multiple limits added in 1.27. Prior
            to 1.27 this only supported having a single throttle.
            @warning Requires $wgMainCacheType to be enabled
    GrantPermissions:
        default:
            basic: { autocreateaccount: true, autoconfirmed: true, autopatrol: true, editsemiprotected: true, ipblock-exempt: true, nominornewtalk: true, patrolmarks: true, read: true, unwatchedpages: true }
            highvolume: { bot: true, apihighlimits: true, noratelimit: true, markbotedits: true }
            import: { import: true, importupload: true }
            editpage: { edit: true, minoredit: true, applychangetags: true, changetags: true, editcontentmodel: true, pagelang: true }
            editprotected: { edit: true, minoredit: true, applychangetags: true, changetags: true, editcontentmodel: true, editprotected: true }
            editmycssjs: { edit: true, minoredit: true, applychangetags: true, changetags: true, editcontentmodel: true, editmyusercss: true, editmyuserjson: true, editmyuserjs: true }
            editmyoptions: { editmyoptions: true, editmyuserjson: true }
            editinterface: { edit: true, minoredit: true, applychangetags: true, changetags: true, editcontentmodel: true, editinterface: true, edituserjson: true, editsitejson: true }
            editsiteconfig: { edit: true, minoredit: true, applychangetags: true, changetags: true, editcontentmodel: true, editinterface: true, edituserjson: true, editsitejson: true, editusercss: true, edituserjs: true, editsitecss: true, editsitejs: true }
            createeditmovepage: { edit: true, minoredit: true, applychangetags: true, changetags: true, editcontentmodel: true, createpage: true, createtalk: true, delete-redirect: true, move: true, move-rootuserpages: true, move-subpages: true, move-categorypages: true, suppressredirect: true }
            uploadfile: { upload: true, reupload-own: true }
            uploadeditmovefile: { upload: true, reupload-own: true, reupload: true, reupload-shared: true, upload_by_url: true, movefile: true, suppressredirect: true }
            patrol: { patrol: true }
            rollback: { rollback: true }
            blockusers: { block: true, blockemail: true }
            viewdeleted: { browsearchive: true, deletedhistory: true, deletedtext: true }
            viewrestrictedlogs: { suppressionlog: true }
            delete: { edit: true, minoredit: true, applychangetags: true, changetags: true, editcontentmodel: true, browsearchive: true, deletedhistory: true, deletedtext: true, delete: true, bigdelete: true, deletelogentry: true, deleterevision: true, undelete: true }
            oversight: { suppressrevision: true, viewsuppressed: true }
            protect: { edit: true, minoredit: true, applychangetags: true, changetags: true, editcontentmodel: true, editprotected: true, protect: true }
            viewmywatchlist: { viewmywatchlist: true }
            editmywatchlist: { editmywatchlist: true }
            sendemail: { sendemail: true }
            createaccount: { createaccount: true }
            privateinfo: { viewmyprivateinfo: true }
            mergehistory: { mergehistory: true }
        type: object
        mergeStrategy: array_plus_2d
        additionalProperties:
            type: object
            additionalProperties: { type: boolean }
        description: |-
            Users authorize consumers (like Apps) to act on their behalf but only with
            a subset of the user's normal account rights (signed off on by the user).
            The possible rights to grant to a consumer are bundled into groups called
            "grants". Each grant defines some rights it lets consumers inherit from the
            account they may act on behalf of. Note that a user granting a right does
            nothing if that user does not actually have that right to begin with.
            @since 1.27
    GrantPermissionGroups:
        default:
            basic: hidden
            editpage: page-interaction
            createeditmovepage: page-interaction
            editprotected: page-interaction
            patrol: page-interaction
            uploadfile: file-interaction
            uploadeditmovefile: file-interaction
            sendemail: email
            viewmywatchlist: watchlist-interaction
            editviewmywatchlist: watchlist-interaction
            editmycssjs: customization
            editmyoptions: customization
            editinterface: administration
            editsiteconfig: administration
            rollback: administration
            blockusers: administration
            delete: administration
            viewdeleted: administration
            viewrestrictedlogs: administration
            protect: administration
            oversight: administration
            createaccount: administration
            mergehistory: administration
            import: administration
            highvolume: high-volume
            privateinfo: private-information
        type: object
        additionalProperties:
            type: string
        description: |-
            Grant groups are used on some user interfaces to display conceptually
            similar grants together.
            This configuration value should usually be set by extensions, not
            site administrators.
            @see self::GrantPermissions
            @since 1.27
    GrantRiskGroups:
        default:
            basic: low
            editpage: low
            createeditmovepage: low
            editprotected: vandalism
            patrol: low
            uploadfile: low
            uploadeditmovefile: low
            sendemail: security
            viewmywatchlist: low
            editviewmywatchlist: low
            editmycssjs: security
            editmyoptions: security
            editinterface: vandalism
            editsiteconfig: security
            rollback: low
            blockusers: vandalism
            delete: vandalism
            viewdeleted: vandalism
            viewrestrictedlogs: security
            protect: vandalism
            oversight: security
            createaccount: low
            mergehistory: vandalism
            import: security
            highvolume: low
            privateinfo: low
        type: object
        description: |-
            Group grants by risk level. Keys are grant names (i.e. keys from GrantPermissions),
            values are GrantsInfo::RISK_* constants.
            Note that this classification is only informative; merely applying 'security' or 'internal'
            to a grant won't prevent it from being available. It's used to give guidance to users
            in various interfaces about the riskiness of the various grants.
            @since 1.42
    EnableBotPasswords:
        default: true
        type: boolean
        description: '@since 1.27'
    BotPasswordsCluster:
        default: false
        type:
            - string
            - boolean
        description: |-
            Cluster for the bot_passwords table
            @since 1.27
            @deprecated since 1.42 Use $wgVirtualDomainsMapping instead.
    BotPasswordsDatabase:
        default: false
        type:
            - string
            - boolean
        description: |-
            Database name for the bot_passwords table
            To use a database with a table prefix, set this variable to
            "{$database}-{$prefix}".
            @since 1.27
            @deprecated since 1.42 Use $wgVirtualDomainsMapping instead.
    SecretKey:
        default: false
        description: 'This should always be customised in LocalSettings.php'
    AllowUserJs:
        default: false
        description: |-
            Allow user Javascript page?
            This enables a lot of neat customizations, but may
            increase security risk to users and server load.
    AllowUserCss:
        default: false
        description: |-
            Allow user Cascading Style Sheets (CSS)?
            This enables a lot of neat customizations, but may
            increase security risk to users and server load.
    AllowUserCssPrefs:
        default: true
        description: |-
            Allow style-related user-preferences?
            This controls whether the `editfont` and `underline` preferences
            are available to users.
    UseSiteJs:
        default: true
        description: 'Use the site''s Javascript page?'
    UseSiteCss:
        default: true
        description: 'Use the site''s Cascading Style Sheets (CSS)?'
    BreakFrames:
        default: false
        description: |-
            Break out of framesets. This can be used to prevent clickjacking attacks,
            or to prevent external sites from framing your site with ads.
    EditPageFrameOptions:
        default: DENY
        description: |-
            The X-Frame-Options header to send on pages sensitive to clickjacking
            attacks, such as edit pages. This prevents those pages from being displayed
            in a frame or iframe. The options are:
              - 'DENY': Do not allow framing. This is recommended for most wikis.
              - 'SAMEORIGIN': Allow framing by pages on the same domain. This can be used
                    to allow framing within a trusted domain. This is insecure if there
                    is a page on the same domain which allows framing of arbitrary URLs.
              - false: Allow all framing. This opens up the wiki to XSS attacks and thus
                    full compromise of local user accounts. Private wikis behind a
                    corporate firewall are especially vulnerable. This is not
                    recommended.
            For extra safety, set $wgBreakFrames = true, to prevent framing on all pages,
            not just edit pages.
    ApiFrameOptions:
        default: DENY
        description: |-
            Disallow framing of API pages directly, by setting the X-Frame-Options
            header. Since the API returns CSRF tokens, allowing the results to be
            framed can compromise your user's account security.
            Options are:
              - 'DENY': Do not allow framing. This is recommended for most wikis.
              - 'SAMEORIGIN': Allow framing by pages on the same domain.
              - false: Allow all framing.
            Note: $wgBreakFrames will override this for human formatted API output.
    CSPHeader:
        default: false
        type:
            - boolean
            - object
        description: |-
            Controls Content-Security-Policy header
            @warning May cause slowness on Windows due to slow random number generator.
            @unstable EXPERIMENTAL
            @since 1.32
            @see https://www.w3.org/TR/CSP2/
    CSPReportOnlyHeader:
        default: false
        type:
            - boolean
            - object
        description: |-
            Controls Content-Security-Policy-Report-Only header
            @since 1.32
    CSPFalsePositiveUrls:
        default:
            'https://3hub.co': true
            'https://morepro.info': true
            'https://p.ato.mx': true
            'https://s.ato.mx': true
            'https://adserver.adtech.de': true
            'https://ums.adtechus.com': true
            'https://cas.criteo.com': true
            'https://cat.nl.eu.criteo.com': true
            'https://atpixel.alephd.com': true
            'https://rtb.metrigo.com': true
            'https://d5p.de17a.com': true
            'https://ad.lkqd.net/vpaid/vpaid.js': true
            'https://ad.lkqd.net/vpaid/vpaid.js?fusion=1.0': true
            'https://t.lkqd.net/t': true
            chrome-extension: true
        type: object
        description: |-
            List of urls which appear often to be triggering CSP reports
            but do not appear to be caused by actual content, but by client
            software inserting scripts (i.e. Ad-Ware).
            List based on results from Wikimedia logs.
            @since 1.28
    AllowCrossOrigin:
        default: false
        type: boolean
        description: |-
            Allow anonymous cross origin requests.
            This should be disabled for intranet sites (sites behind a firewall).
            @since 1.36
    RestAllowCrossOriginCookieAuth:
        default: false
        type: boolean
        description: |-
            Allows authenticated cross-origin requests to the REST API with session cookies.
            With this option enabled, any origin specified in $wgCrossSiteAJAXdomains may send session
            cookies for authorization in the REST API.
            There is a performance impact by enabling this option. Therefore, it should be left disabled
            for most wikis and clients should instead use OAuth to make cross-origin authenticated
            requests.
            @see https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials
            @since 1.36
    SessionSecret:
        default: false
        description: |-
            Secret for session storage.
            This should be set in LocalSettings.php, otherwise $wgSecretKey will
            be used.
            @since 1.27
    HKDFSecret:
        default: false
        description: |-
            Secret for hmac-based key derivation function (fast,
            cryptographically secure random numbers).
            This should be set in LocalSettings.php, otherwise $wgSecretKey will
            be used.
            See also: $wgHKDFAlgorithm
            @since 1.24
    HKDFAlgorithm:
        default: sha256
        description: |-
            Algorithm for hmac-based key derivation function (fast,
            cryptographically secure random numbers).
            See also: $wgHKDFSecret
            @since 1.24
    CookieExpiration:
        default: 2592000
        description: 'Default cookie lifetime, in seconds. Setting to 0 makes all cookies session-only.'
    ExtendedLoginCookieExpiration:
        default: 15552000
        description: |-
            Default login cookie lifetime, in seconds. Setting
            $wgExtendLoginCookieExpiration to null will use $wgCookieExpiration to
            calculate the cookie lifetime. As with $wgCookieExpiration, 0 will make
            login cookies session-only.
    CookieDomain:
        default: ''
        description: |-
            Set to set an explicit domain on the login cookies eg, "justthis.domain.org"
            or ".any.subdomain.net"
    CookiePath:
        default: /
        description: |-
            Set this variable if you want to restrict cookies to a certain path within
            the domain specified by $wgCookieDomain.
    CookieSecure:
        default: detect
        dynamicDefault:
            use: [ForceHTTPS]
            callback: [MediaWiki\MainConfigSchema, getDefaultCookieSecure]
        description: |-
            Whether the "secure" flag should be set on the cookie. This can be:
              - true:      Set secure flag
              - false:     Don't set secure flag
              - "detect":  Set the secure flag if $wgServer is set to an HTTPS URL,
                           or if $wgForceHTTPS is true.
            If $wgForceHTTPS is true, session cookies will be secure regardless of this
            setting. However, other cookies will still be affected.
    CookiePrefix:
        default: false
        dynamicDefault:
            use: [SharedDB, SharedPrefix, SharedTables, DBname, DBprefix]
            callback: [MediaWiki\MainConfigSchema, getDefaultCookiePrefix]
        description: |-
            Cookies generated by MediaWiki have names starting with this prefix. Set it
            to a string to use a custom prefix. Setting it to false causes the database
            name to be used as a prefix.
    CookieHttpOnly:
        default: true
        description: |-
            Set authentication cookies to HttpOnly to prevent access by JavaScript,
            in browsers that support this feature. This can mitigates some classes of
            XSS attack.
    CookieSameSite:
        default: null
        type:
            - string
            - 'null'
        description: |-
            The SameSite cookie attribute used for login cookies. This can be "Lax",
            "Strict", "None" or empty/null to omit the attribute.
            This only applies to login cookies, since the correct value for other
            cookies depends on what kind of cookie it is.
            @since 1.35
    CacheVaryCookies:
        default: []
        type: array
        description: 'A list of cookies that vary the cache (for use by extensions)'
    SessionName:
        default: false
        description: 'Override to customise the session name'
    CookieSetOnAutoblock:
        default: true
        description: |-
            Whether to set a cookie when a user is autoblocked. Doing so means that a blocked user, even
            after logging out and moving to a new IP address, will still be blocked. This cookie will
            contain an authentication code if $wgSecretKey is set, or otherwise will just be the block
            ID (in which case there is a possibility of an attacker discovering the names of revdeleted
            users, so it is best to use this in conjunction with $wgSecretKey being set).
    CookieSetOnIpBlock:
        default: true
        description: |-
            Whether to set a cookie when a logged-out user is blocked. Doing so means that a blocked
            user, even after moving to a new IP address, will still be blocked. This cookie will contain
            an authentication code if $wgSecretKey is set, or otherwise will just be the block ID (in
            which case there is a possibility of an attacker discovering the names of revdeleted users,
            so it is best to use this in conjunction with $wgSecretKey being set).
    DebugLogFile:
        default: ''
        description: |-
            Enable verbose debug logging for all channels and log levels.
            See https://www.mediawiki.org/wiki/How_to_debug
            For static requests, this enables all channels and warning-level and
            above only. Use $wgDebugRawPage to make those verbose as well.
            The debug log file should be not be web-accessible if it is used in
            a production environment, as may contain private data.
    DebugLogPrefix:
        default: ''
        description: 'Prefix for debug log lines'
    DebugRedirects:
        default: false
        description: |-
            If true, instead of redirecting, show a page with a link to the redirect
            destination. This allows for the inspection of PHP error messages, and easy
            resubmission of form data. For developer use only.
    DebugRawPage:
        default: false
        description: |-
            If true, debug logging is also enabled for load.php and action=raw requests.
            By default, $wgDebugLogFile enables all channels and warning-level and
            above for static requests.
            This ensures that the debug log is likely a chronological record of
            of specific web request you are debugging, instead of overlapping with
            messages from static requests, which would make it unclear which message
            originated from what request.
            Also, during development this can make browsing and JavaScript testing
            considerably slower (T85805).
    DebugComments:
        default: false
        description: |-
            Send debug data to an HTML comment in the output.
            This may occasionally be useful when supporting a non-technical end-user.
            It's more secure than exposing the debug log file to the web, since the
            output only contains private data for the current user. But it's not ideal
            for development use since data is lost on fatal errors and redirects.
    DebugDumpSql:
        default: false
        description: |-
            Write SQL queries to the debug log.
            This setting is only used $wgLBFactoryConf['class'] is set to
            '\Wikimedia\Rdbms\LBFactorySimple'; otherwise the DBO_DEBUG flag must be set in
            the 'flags' option of the database connection to achieve the same functionality.
    TrxProfilerLimits:
        default:
            GET: { masterConns: 0, writes: 0, readQueryTime: 5, readQueryRows: 10000 }
            POST: { readQueryTime: 5, writeQueryTime: 1, readQueryRows: 100000, maxAffected: 1000 }
            POST-nonwrite: { writes: 0, readQueryTime: 5, readQueryRows: 10000 }
            PostSend-GET: { readQueryTime: 5, writeQueryTime: 1, readQueryRows: 10000, maxAffected: 1000, masterConns: 0, writes: 0 }
            PostSend-POST: { readQueryTime: 5, writeQueryTime: 1, readQueryRows: 100000, maxAffected: 1000 }
            JobRunner: { readQueryTime: 30, writeQueryTime: 5, readQueryRows: 100000, maxAffected: 500 }
            Maintenance: { writeQueryTime: 5, maxAffected: 1000 }
        type: object
        description: |-
            Performance expectations for DB usage
            @since 1.26
    DebugLogGroups:
        default: {  }
        type: object
        description: |-
            Map of string log group names to log destinations.
            If set, wfDebugLog() output for that group will go to that file instead
            of the regular $wgDebugLogFile. Useful for enabling selective logging
            in production.
            Log destinations may be one of the following:
            - false to completely remove from the output, including from $wgDebugLogFile.
            - string values specifying a filename or URI.
            - associative array with keys:
              - 'destination' desired filename or URI.
              - 'sample' an integer value, specifying a sampling factor (optional)
              - 'level' A \Psr\Log\LogLevel constant, indicating the minimum level
                        to log (optional, since 1.25)
            **Example:**
            ```
            $wgDebugLogGroups['redis'] = '/var/log/mediawiki/redis.log';
            ```
            **Advanced example:**
            ```
            $wgDebugLogGroups['memcached'] = [
                'destination' => '/var/log/mediawiki/memcached.log',
                'sample' => 1000,  // log 1 message out of every 1,000.
                'level' => \Psr\Log\LogLevel::WARNING
            ];
            ```
    MWLoggerDefaultSpi:
        default:
            class: MediaWiki\Logger\LegacySpi
        mergeStrategy: replace
        type: object
        description: |-
            Default service provider for creating Psr\Log\LoggerInterface instances.
            The value should be an array suitable for use with
            ObjectFactory::getObjectFromSpec(). The created object is expected to
            implement the MediaWiki\Logger\Spi interface. See ObjectFactory for additional
            details.
            Alternately the MediaWiki\Logger\LoggerFactory::registerProvider method can
            be called to inject an MediaWiki\Logger\Spi instance into the LoggerFactory
            and bypass the use of this configuration variable entirely.
            **To completely disable logging:**
            ```
            $wgMWLoggerDefaultSpi = [ 'class' => \MediaWiki\Logger\NullSpi::class ];
            ```
            @since 1.25
            @see \MwLogger
    ShowDebug:
        default: false
        description: |-
            Display debug data at the bottom of the main content area.
            Useful for developers and technical users trying to working on a closed wiki.
    SpecialVersionShowHooks:
        default: false
        description: 'Show the contents of $wgHooks in Special:Version'
    ShowExceptionDetails:
        default: false
        description: |-
            Show exception message and stack trace when printing details about uncaught exceptions
            in web response output.
            This may reveal private information in error messages or function parameters.
            If set to false, only the exception type or class name will be exposed.
    LogExceptionBacktrace:
        default: true
        description: 'If true, send the exception backtrace to the error log'
    PropagateErrors:
        default: true
        description: |-
            If true, the MediaWiki error handler passes errors/warnings to the default error handler
            after logging them. The setting is ignored when the track_errors php.ini flag is true.
    ShowHostnames:
        default: false
        description: 'Expose backend server host names through the API and various HTML comments'
    OverrideHostname:
        default: false
        description: |-
            Override server hostname detection with a hardcoded value.
            Should be a string, default false.
            @since 1.20
    DevelopmentWarnings:
        default: false
        description: |-
            If set to true MediaWiki will throw notices for some possible error
            conditions and for deprecated functions.
    DeprecationReleaseLimit:
        default: false
        description: |-
            Release limitation to wfDeprecated warnings, if set to a release number
            development warnings will not be generated for deprecations added in releases
            after the limit.
    Profiler:
        default: {  }
        type: object
        mergeStrategy: replace
        description: |-
            Profiler configuration.
            To use a profiler, set $wgProfiler in LocalSettings.php.
            Options:
            - 'class' (`string`): The Profiler subclass to use.
              Default: ProfilerStub.
            - 'sampling' (`integer`): Only enable the profiler on one in this many requests.
              For requests that are not in the sampling,
              the 'class' option will be replaced with ProfilerStub.
              Default: `1`.
            - 'threshold' (`float`): Only process the recorded data if the total elapsed
              time for a request is more than this number of seconds.
              Default: `0.0`.
            - 'output' (`string|string[]`):  ProfilerOutput subclass or subclasess to use.
              Default: `[]`.
            The options array is passed in its entirety to the specified
            Profiler `class`. Check individual Profiler subclasses for additional
            options that may be available.
            Profiler subclasses available in MediaWiki core:
            - ProfilerXhprof: Based on XHProf or Tideways-XHProf.
            - ProfilerExcimer: Based on Excimer.
            - ProfilerSectionOnly
            Profiler output classes available in MediaWiki:
            - ProfilerOutputText: outputs profiling data in the web page body as
              a comment.  You can make the profiling data in HTML render visibly
              instead by setting the 'visible' configuration flag.
            - ProfilerOutputStats: outputs profiling data as StatsD metrics.
              It expects that $wgStatsdServer is set to the host (or host:port)
              of a statsd server.
            - ProfilerOutputDump: outputs dump files that are compatible
              with the XHProf gui. It expects that `$wgProfiler['outputDir']`
              is set as well.
            Examples:
            ```
            $wgProfiler = [
              'class' => ProfilerXhprof::class,
              'output' => ProfilerOutputText::class,
            ];
            ```
            ```
            $wgProfiler = [
              'class' => ProfilerXhprof::class,
              'output' => [ ProfilerOutputText::class ],
              'sampling' => 50, // one in every 50 requests
            ];
            ```
            For performance, the profiler is always disabled for CLI scripts as they
            could be long running and the data would accumulate. Use the `--profiler`
            parameter of maintenance scripts to override this.
            @since 1.17.0
    StatsdServer:
        default: false
        description: |-
            Destination of statsd metrics.
            A host or host:port of a statsd server. Port defaults to 8125.
            If not set, statsd metrics will not be collected.
            @see MediaWiki::emitBufferedStatsdData()
            @since 1.25
    StatsdMetricPrefix:
        default: MediaWiki
        description: |-
            Prefix for metric names sent to $wgStatsdServer.
            @see \MediaWiki\MediaWikiServices::getInstance()->getStatsdDataFactory
            @see \BufferingStatsdDataFactory
            @since 1.25
    StatsdSamplingRates:
        default: {  }
        type: object
        description: |-
            Sampling rate for statsd metrics as an associative array of patterns and rates.
            Patterns are Unix shell patterns (e.g. 'MediaWiki.api.*').
            Rates are sampling probabilities (e.g. 0.1 means 1 in 10 events are sampled).
            @since 1.28
    StatsTarget:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Stats output target URI e.g. udp://127.0.0.1:8125
            If null, metrics will not be sent.
            Note: this only affects metrics instantiated by the StatsFactory service
            @since 1.38
    StatsFormat:
        default: null
        type:
            - string
            - 'null'
        description: |-
            Stats output format
            If null, metrics will not be rendered nor sent.
            Note: this only affects metrics instantiated by the StatsFactory service
            @see \Wikimedia\Stats\OutputFormats::SUPPORTED_FORMATS
            @since 1.41
    StatsPrefix:
        default: mediawiki
        type: string
        description: |-
            Stats service name prefix
            Required.  Must not be zero-length.
            Defaults to: 'mediawiki'
            Note: this only affects metrics instantiated by the StatsFactory service
            @since 1.41
    PageInfoTransclusionLimit:
        default: 50
        description: |-
            InfoAction retrieves a list of transclusion links (both to and from).
            This number puts a limit on that query in the case of highly transcluded
            templates.
    EnableJavaScriptTest:
        default: false
        description: 'Allow running of QUnit tests via [[Special:JavaScriptTest]].'
    CachePrefix:
        default: false
        description: |-
            Overwrite the caching key prefix with custom value.
            @since 1.19
    DebugToolbar:
        default: false
        description: |-
            Display the new debugging toolbar. This also enables profiling on database
            queries and other useful output.
            Will be ignored if $wgUseFileCache or $wgUseCdn is enabled.
            @since 1.19
    DisableTextSearch:
        default: false
        description: 'Set this to true to disable the full text search feature.'
    AdvancedSearchHighlighting:
        default: false
        description: |-
            Set to true to have nicer highlighted text in search results,
            by default off due to execution overhead
    SearchHighlightBoundaries:
        default: '[\p{Z}\p{P}\p{C}]'
        description: |-
            Regexp to match word boundaries, defaults for non-CJK languages
            should be empty for CJK since the words are not separate
    OpenSearchTemplates:
        default:
            application/x-suggestions+json: false
            application/x-suggestions+xml: false
        type: object
        description: |-
            Templates for OpenSearch suggestions, defaults to API action=opensearch
            Sites with heavy load would typically have these point to a custom
            PHP wrapper to avoid firing up mediawiki for every keystroke
            Placeholders: {searchTerms}
    OpenSearchDefaultLimit:
        default: 10
        description: |-
            Integer defining default number of entries to show on
            OpenSearch call.
    OpenSearchDescriptionLength:
        default: 100
        description: |-
            Minimum length of extract in <Description>. Actual extracts will last until the end of
            sentence.
    SearchSuggestCacheExpiry:
        default: 1200
        description: 'Expiry time for search suggestion responses'
    DisableSearchUpdate:
        default: false
        description: |-
            If you've disabled search semi-permanently, this also disables updates to the
            table. If you ever re-enable, be sure to rebuild the search table.
    NamespacesToBeSearchedDefault:
        default:
            - true
        type: object
        description: |-
            List of namespaces which are searched by default.
            **Example:**
            ```
            $wgNamespacesToBeSearchedDefault[NS_MAIN] = true;
            $wgNamespacesToBeSearchedDefault[NS_PROJECT] = true;
            ```
    DisableInternalSearch:
        default: false
        description: |-
            Disable the internal MySQL-based search, to allow it to be
            implemented by an extension instead.
    SearchForwardUrl:
        default: null
        description: |-
            Set this to a URL to forward search requests to some external location.
            If the URL includes '$1', this will be replaced with the URL-encoded
            search term. Before using this, $wgDisableTextSearch must be set to true.
            **Example:**
            To forward to Google you'd have something like:
            ```
            $wgSearchForwardUrl =
            'https://www.google.com/search?q=$1' .
            '&domains=https://example.com' .
            '&sitesearch=https://example.com' .
            '&ie=utf-8&oe=utf-8';
            ```
    SitemapNamespaces:
        default: false
        type:
            - boolean
            - array
        description: |-
            Array of namespaces to generate a Google sitemap for when the
            maintenance/generateSitemap.php script is run, or false if one is to be
            generated for all namespaces.
    SitemapNamespacesPriorities:
        default: false
        type:
            - boolean
            - object
        description: |-
            Custom namespace priorities for sitemaps. Setting this will allow you to
            set custom priorities to namespaces when sitemaps are generated using the
            maintenance/generateSitemap.php script.
            This should be a map of namespace IDs to priority
            **Example:**
            ```
            $wgSitemapNamespacesPriorities = [
                NS_USER => '0.9',
                NS_HELP => '0.0',
            ];
            ```
    EnableSearchContributorsByIP:
        default: true
        description: |-
            If true, searches for IP addresses will be redirected to that IP's
            contributions page. E.g. searching for "1.2.3.4" will redirect to
            [[Special:Contributions/1.2.3.4]]
    SpecialSearchFormOptions:
        default: {  }
        type: object
        description: |-
            Options for Special:Search completion widget form created by SearchFormWidget class.
            Settings that can be used:
            - showDescriptions: true/false - whether to show opensearch description results
            - performSearchOnClick:  true/false - whether to perform search on click
            See also TitleWidget.js UI widget.
            @since 1.34
    SearchMatchRedirectPreference:
        default: false
        type: boolean
        description: |-
            Set true to allow logged-in users to set a preference whether or not matches in
            search results should force redirection to that page. If false, the preference is
            not exposed and cannot be altered from site default. To change your site's default
            preference, set via $wgDefaultUserOptions['search-match-redirect'].
            @since 1.35
    SearchRunSuggestedQuery:
        default: true
        type: boolean
        description: |-
            Controls whether zero-result search queries with suggestions should display results for
            these suggestions.
            @since 1.26
    Diff3:
        default: /usr/bin/diff3
        description: |-
            Path to the GNU diff3 utility. If the file doesn't exist, edit conflicts will
            fall back to the old behavior (no merging).
    Diff:
        default: /usr/bin/diff
        description: 'Path to the GNU diff utility.'
    PreviewOnOpenNamespaces:
        default:
            14: true
        type: object
        description: |-
            Which namespaces have special treatment where they should be preview-on-open
            Internally only Category: pages apply, but using this extensions (e.g. Semantic MediaWiki)
            can specify namespaces of pages they have special treatment for
    UniversalEditButton:
        default: true
        description: |-
            Enable the UniversalEditButton for browsers that support it
            (currently only Firefox with an extension)
            See http://universaleditbutton.org for more background information
    UseAutomaticEditSummaries:
        default: true
        description: |-
            If user doesn't specify any edit summary when making a an edit, MediaWiki
            will try to automatically create one. This feature can be disabled by set-
            ting this variable false.
    CommandLineDarkBg:
        default: false
        description: 'For colorized maintenance script output, is your terminal background dark ?'
    ReadOnly:
        default: null
        description: |-
            Set this to a string to put the wiki into read-only mode. The text will be
            used as an explanation to users.
            This prevents most write operations via the web interface. Cache updates may
            still be possible. To prevent database writes completely, use the read_only
            option in MySQL.
    ReadOnlyWatchedItemStore:
        default: false
        type: boolean
        description: |-
            Set this to true to put the wiki watchlists into read-only mode.
            @since 1.31
    ReadOnlyFile:
        default: false
        dynamicDefault:
            use: [UploadDirectory]
            callback: [MediaWiki\MainConfigSchema, getDefaultReadOnlyFile]
        description: |-
            If this lock file exists (size > 0), the wiki will be forced into read-only mode.
            Its contents will be shown to users as part of the read-only warning
            message.
            Will default to "{$wgUploadDirectory}/lock_yBgMBwiR" in Setup.php
    UpgradeKey:
        default: false
        description: |-
            When you run the web-based upgrade utility, it will tell you what to set
            this to in order to authorize the upgrade process. It will subsequently be
            used as a password, to authorize further upgrades.
            For security, do not set this to a guessable string. Use the value supplied
            by the install/upgrade process. To cause the upgrader to generate a new key,
            delete the old key from LocalSettings.php.
    GitBin:
        default: /usr/bin/git
        description: 'Fully specified path to git binary'
    GitRepositoryViewers:
        default:
            'https://(?:[a-z0-9_]+@)?gerrit.wikimedia.org/r/(?:p/)?(.*)': 'https://gerrit.wikimedia.org/g/%R/+/%H'
            'ssh://(?:[a-z0-9_]+@)?gerrit.wikimedia.org:29418/(.*)': 'https://gerrit.wikimedia.org/g/%R/+/%H'
        type: object
        description: |-
            Map GIT repository URLs to viewer URLs to provide links in Special:Version
            Key is a pattern passed to preg_match() and preg_replace(),
            without the delimiters (which are #) and must match the whole URL.
            The value is the replacement for the key (it can contain $1, etc.)
            %h will be replaced by the short SHA-1 (7 first chars) and %H by the
            full SHA-1 of the HEAD revision.
            %r will be replaced with a URL-encoded version of $1.
            %R will be replaced with $1 and no URL-encoding
            @since 1.20
    RCMaxAge:
        default: 7776000
        description: |-
            Recentchanges items are periodically purged; entries older than this many
            seconds will go.
            Default: 90 days = about three months
    WatchersMaxAge:
        default: 15552000
        description: |-
            Page watchers inactive for more than this many seconds are considered inactive.
            Used mainly by action=info. Default: 180 days = about six months.
            @since 1.26
    UnwatchedPageSecret:
        default: 1
        description: |-
            If active watchers (per above) are this number or less, do not disclose it.
            Left to 1, prevents unprivileged users from knowing for sure that there are 0.
            Set to -1 if you want to always complement watchers count with this info.
            @since 1.26
    RCFilterByAge:
        default: false
        description: |-
            Filter $wgRCLinkDays by $wgRCMaxAge to avoid showing links for numbers
            higher than what will be stored. Note that this is disabled by default
            because we sometimes do have RC data which is beyond the limit for some
            reason, and some users may use the high numbers to display that data which
            is still there.
    RCLinkLimits:
        default:
            - 50
            - 100
            - 250
            - 500
        type: array
        description: |-
            List of Limits options to list in the Special:Recentchanges and
            Special:Recentchangeslinked pages.
    RCLinkDays:
        default:
            - 1
            - 3
            - 7
            - 14
            - 30
        type: array
        description: |-
            List of Days options to list in the Special:Recentchanges and
            Special:Recentchangeslinked pages.
            @see \MediaWiki\SpecialPage\ChangesListSpecialPage::getLinkDays
    RCFeeds:
        default: {  }
        type: object
        description: |-
            Configuration for feeds to which notifications about recent changes will be sent.
            The following feed classes are available by default:
            - 'UDPRCFeedEngine' - sends recent changes over UDP to the specified server.
            - 'RedisPubSubFeedEngine' - send recent changes to Redis.
            Only 'class' or 'uri' is required. If 'uri' is set instead of 'class', then
            RecentChange::getEngine() is used to determine the class. All options are
            passed to the constructor.
            Common options:
            - 'class' -- The class to use for this feed (must implement RCFeed).
            - 'omit_bots' -- Exclude bot edits from the feed. (default: false)
            - 'omit_anon' -- Exclude anonymous edits from the feed. (default: false)
            - 'omit_user' -- Exclude edits by registered users from the feed. (default: false)
            - 'omit_minor' -- Exclude minor edits from the feed. (default: false)
            - 'omit_patrolled' -- Exclude patrolled edits from the feed. (default: false)
            FormattedRCFeed-specific options:
            - 'uri' -- [required] The address to which the messages are sent.
              The uri scheme of this string will be looked up in $wgRCEngines
              to determine which FormattedRCFeed class to use.
            - 'formatter' -- [required] The class (implementing RCFeedFormatter) which will
              produce the text to send. This can also be an object of the class.
              Formatters available by default: JSONRCFeedFormatter, XMLRCFeedFormatter,
              IRCColourfulRCFeedFormatter.
            IRCColourfulRCFeedFormatter-specific options:
            - 'add_interwiki_prefix' -- whether the titles should be prefixed with
              the first entry in the $wgLocalInterwikis array
            JSONRCFeedFormatter-specific options:
            - 'channel' -- if set, the 'channel' parameter is also set in JSON values.
            **Examples:**
            ```
            $wgRCFeeds['example'] = [
                'uri' => 'udp://localhost:1336',
                'formatter' => 'JSONRCFeedFormatter',
                'add_interwiki_prefix' => false,
                'omit_bots' => true,
            ];
            ```
            ```
            $wgRCFeeds['example'] = [
                'uri' => 'udp://localhost:1338',
                'formatter' => 'IRCColourfulRCFeedFormatter',
                'add_interwiki_prefix' => false,
                'omit_bots' => true,
            ];
            ```
            ```
            $wgRCFeeds['example'] = [
                'class' => ExampleRCFeed::class,
            ];
            ```
            @since 1.22
    RCEngines:
        default:
            redis: MediaWiki\RCFeed\RedisPubSubFeedEngine
            udp: MediaWiki\RCFeed\UDPRCFeedEngine
        type: object
        description: |-
            Used by RecentChange::getEngine to find the correct engine for a given URI scheme.
            Keys are scheme names, values are names of FormattedRCFeed sub classes.
            @since 1.22
    RCWatchCategoryMembership:
        default: false
        description: |-
            Treat category membership changes as a RecentChange.
            Changes are mentioned in RC for page actions as follows:
            - creation: pages created with categories are mentioned
            - edit: category additions/removals to existing pages are mentioned
            - move: nothing is mentioned (unless templates used depend on the title)
            - deletion: nothing is mentioned
            - undeletion: nothing is mentioned
            @since 1.27
    UseRCPatrol:
        default: true
        description: |-
            Use RC Patrolling to check for vandalism (from recent changes and watchlists)
            New pages and new files are included.
            @note If you disable all patrolling features, you probably also want to
            remove 'patrol' from $wgFilterLogTypes so a show/hide link isn't shown on
            Special:Log.
    StructuredChangeFiltersLiveUpdatePollingRate:
        default: 3
        description: |-
            Polling rate, in seconds, used by the 'live update' and 'view newest' features
            of the RCFilters app on SpecialRecentChanges and Special:Watchlist.
            0 to disable completely.
    UseNPPatrol:
        default: true
        description: |-
            Use new page patrolling to check new pages on Special:Newpages
            @note If you disable all patrolling features, you probably also want to
            remove 'patrol' from $wgFilterLogTypes so a show/hide link isn't shown on
            Special:Log.
    UseFilePatrol:
        default: true
        description: |-
            Use file patrolling to check new files on Special:Newfiles
            @note If you disable all patrolling features, you probably also want to
            remove 'patrol' from $wgFilterLogTypes so a show/hide link isn't shown on
            Special:Log.
            @since 1.27
    Feed:
        default: true
        description: 'Provide syndication feeds (RSS, Atom) for, e.g., Recentchanges, Newpages'
    FeedLimit:
        default: 50
        description: |-
            Set maximum number of results to return in syndication feeds (RSS, Atom) for
            eg Recentchanges, Newpages.
    FeedCacheTimeout:
        default: 60
        description: |-
            _Minimum_ timeout for cached Recentchanges feed, in seconds.
            A cached version will continue to be served out even if changes
            are made, until this many seconds runs out since the last render.
            If set to 0, feed caching is disabled. Use this for debugging only;
            feed generation can be pretty slow with diffs.
    FeedDiffCutoff:
        default: 32768
        description: |-
            When generating Recentchanges RSS/Atom feed, diffs will not be generated for
            pages larger than this size.
    OverrideSiteFeed:
        default: {  }
        type: object
        description: |-
            Override the site's default RSS/ATOM feed for recentchanges that appears on
            every page. Some sites might have a different feed they'd like to promote
            instead of the RC feed (maybe like a "Recent New Articles" or "Breaking news" one).
            Should be a format as key (either 'rss' or 'atom') and an URL to the feed
            as value.
            **Example:**
            Configure the 'atom' feed to https://example.com/somefeed.xml
            ```
            $wgSiteFeed['atom'] = "https://example.com/somefeed.xml";
            ```
    FeedClasses:
        default:
            rss: MediaWiki\Feed\RSSFeed
            atom: MediaWiki\Feed\AtomFeed
        type: object
        description: |-
            Available feeds objects.
            Should probably only be defined when a page is syndicated ie when
            $wgOut->isSyndicated() is true.
    AdvertisedFeedTypes:
        default:
            - atom
        type: array
        description: |-
            Which feed types should we provide by default?  This can include 'rss',
            'atom', neither, or both.
    RCShowWatchingUsers:
        default: false
        description: 'Show watching users in recent changes, watchlist and page history views'
    RCShowChangedSize:
        default: true
        description: 'Show the amount of changed characters in recent changes'
    RCChangedSizeThreshold:
        default: 500
        description: |-
            If the difference between the character counts of the text
            before and after the edit is below that value, the value will be
            highlighted on the RC page.
    ShowUpdatedMarker:
        default: true
        description: |-
            Show "Updated (since my last visit)" marker in RC view, watchlist and history
            view for watched pages with new changes
    DisableAnonTalk:
        default: false
        description: |-
            Disable links to talk pages of anonymous users (IPs) in listings on special
            pages like page history, Special:Recentchanges, etc.
    UseTagFilter:
        default: true
        description: |-
            Allow filtering by change tag in recentchanges, history, etc
            Has no effect if no tags are defined.
    SoftwareTags:
        default:
            mw-contentmodelchange: true
            mw-new-redirect: true
            mw-removed-redirect: true
            mw-changed-redirect-target: true
            mw-blank: true
            mw-replace: true
            mw-rollback: true
            mw-undo: true
            mw-manual-revert: true
            mw-reverted: true
            mw-server-side-upload: true
        type: object
        additionalProperties:
            type: boolean
        description: |-
            List of core tags to enable.
            @since 1.31
            @since 1.36 Added 'mw-manual-revert' and 'mw-reverted'
            @see \ChangeTags::TAG_CONTENT_MODEL_CHANGE
            @see \ChangeTags::TAG_NEW_REDIRECT
            @see \ChangeTags::TAG_REMOVED_REDIRECT
            @see \ChangeTags::TAG_CHANGED_REDIRECT_TARGET
            @see \ChangeTags::TAG_BLANK
            @see \ChangeTags::TAG_REPLACE
            @see \ChangeTags::TAG_ROLLBACK
            @see \ChangeTags::TAG_UNDO
            @see \ChangeTags::TAG_MANUAL_REVERT
            @see \ChangeTags::TAG_REVERTED
            @see \ChangeTags::TAG_SERVER_SIDE_UPLOAD
    UnwatchedPageThreshold:
        default: false
        description: |-
            If set to an integer, pages that are watched by this many users or more
            will not require the unwatchedpages permission to view the number of
            watchers.
            @since 1.21
    RecentChangesFlags:
        default:
            newpage: { letter: newpageletter, title: recentchanges-label-newpage, legend: recentchanges-legend-newpage, grouping: any }
            minor: { letter: minoreditletter, title: recentchanges-label-minor, legend: recentchanges-legend-minor, class: minoredit, grouping: all }
            bot: { letter: boteditletter, title: recentchanges-label-bot, legend: recentchanges-legend-bot, class: botedit, grouping: all }
            unpatrolled: { letter: unpatrolledletter, title: recentchanges-label-unpatrolled, legend: recentchanges-legend-unpatrolled, grouping: any }
        type: object
        description: |-
            Flags (letter symbols) shown in recent changes and watchlist to indicate
            certain types of edits.
            To register a new one:
            ```
            $wgRecentChangesFlags['flag'] => [
              // message for the letter displayed next to rows on changes lists
              'letter' => 'letter-msg',
              // message for the tooltip of the letter
              'title' => 'tooltip-msg',
              // optional (defaults to 'tooltip-msg'), message to use in the legend box
              'legend' => 'legend-msg',
              // optional (defaults to 'flag'), CSS class to put on changes lists rows
              'class' => 'css-class',
              // optional (defaults to 'any'), how top-level flag is determined.  'any'
              // will set the top-level flag if any line contains the flag, 'all' will
              // only be set if all lines contain the flag.
              'grouping' => 'any',
            ];
            ```
            @since 1.22
    WatchlistExpiry:
        default: false
        type: boolean
        description: |-
            Whether to enable the watchlist expiry feature.
            @since 1.35
    WatchlistPurgeRate:
        default: 0.1
        type: number
        description: |-
            Chance of expired watchlist items being purged on any page edit.
            Only has effect if $wgWatchlistExpiry is true.
            If this is zero, expired watchlist items will not be removed
            and the purgeExpiredWatchlistItems.php maintenance script should be run periodically.
            @since 1.35
    WatchlistExpiryMaxDuration:
        default: '1 year'
        type:
            - string
            - 'null'
        description: |-
            Relative maximum duration for watchlist expiries, as accepted by strtotime().
            This relates to finite watchlist expiries only. Pages can be watched indefinitely
            regardless of what this is set to.
            This is used to ensure the watchlist_expiry table doesn't grow to be too big.
            Only has effect if $wgWatchlistExpiry is true.
            Set to null to allow expiries of any duration.
            @since 1.35
    RightsPage:
        default: null
        description: |-
            Override for copyright metadata.
            This is the name of the page containing information about the wiki's copyright status,
            which will be added as a link in the footer if it is specified. It overrides
            $wgRightsUrl if both are specified.
    RightsUrl:
        default: null
        description: |-
            Set this to specify an external URL containing details about the content license used on your
            wiki.
            If $wgRightsPage is set then this setting is ignored.
    RightsText:
        default: null
        description: |-
            If either $wgRightsUrl or $wgRightsPage is specified then this variable gives the text for
            the link. Otherwise, it will be treated as raw HTML.
            If using $wgRightsUrl then this value must be specified. If using $wgRightsPage then the
            name
            of the page will also be used as the link text if this variable is not set.
    RightsIcon:
        default: null
        description: 'Override for copyright metadata.'
    UseCopyrightUpload:
        default: false
        description: 'Set this to true if you want detailed copyright information forms on Upload.'
    MaxCredits:
        default: 0
        description: |-
            Set this to the number of authors that you want to be credited below an
            article text. Set it to zero to hide the attribution block, and a negative
            number (like -1) to show all authors. Note that this will require 2-3 extra
            database hits, which can have a not insignificant impact on performance for
            large wikis.
    ShowCreditsIfMax:
        default: true
        description: |-
            If there are more than $wgMaxCredits authors, show $wgMaxCredits of them.
            Otherwise, link to a separate credits page.
    ImportSources:
        default: {  }
        type: object
        description: |-
            List of interwiki prefixes for wikis we'll accept as sources for
            Special:Import and API action=import. Since complete page history can be
            imported, these should be 'trusted'.
            This can either be a regular array, or an associative map specifying
            subprojects on the interwiki map of the target wiki, or a mix of the two,
            e.g.
            ```
            $wgImportSources = [
                'wikipedia' => [ 'cs', 'en', 'fr', 'zh' ],
                'wikispecies',
                'wikia' => [ 'animanga', 'brickipedia', 'desserts' ],
            ];
            ```
            If you have a very complex import sources setup, you can lazy-load it using
            the ImportSources hook.
            If a user has the 'import' permission but not the 'importupload' permission,
            they will only be able to run imports through this transwiki interface.
    ImportTargetNamespace:
        default: null
        description: |-
            Optional default target namespace for interwiki imports.
            Can use this to create an incoming "transwiki"-style queue.
            Set to numeric key, not the name.
            Users may override this in the Special:Import dialog.
    ExportAllowHistory:
        default: true
        description: |-
            If set to false, disables the full-history option on Special:Export.
            This is currently poorly optimized for long edit histories, so is
            disabled on Wikimedia's sites.
    ExportMaxHistory:
        default: 0
        description: |-
            If set nonzero, Special:Export requests for history of pages with
            more revisions than this will be rejected. On some big sites things
            could get bogged down by very very long pages.
    ExportAllowListContributors:
        default: false
        description: 'Return distinct author list (when not returning full history)'
    ExportMaxLinkDepth:
        default: 0
        description: |-
            If non-zero, Special:Export accepts a "pagelink-depth" parameter
            up to this specified level, which will cause it to include all
            pages linked to from the pages you specify. Since this number
            can become *really really large* and could easily break your wiki,
            it's disabled by default for now.
            @warning There's a HARD CODED limit of 5 levels of recursion to prevent a
            crazy-big export from being done by someone setting the depth number too
            high. In other words, last resort safety net.
    ExportFromNamespaces:
        default: false
        description: 'Whether to allow the "export all pages in namespace" option'
    ExportAllowAll:
        default: false
        description: 'Whether to allow exporting the entire wiki into a single file'
    ExportPagelistLimit:
        default: 5000
        description: |-
            Maximum number of pages returned by the GetPagesFromCategory and
            GetPagesFromNamespace functions.
            @since 1.27
    XmlDumpSchemaVersion:
        default: '0.11'
        description: |-
            The schema to use by default when generating XML dumps. This allows sites to control
            explicitly when to make breaking changes to their export and dump format.
    WikiFarmSettingsDirectory:
        default: null
        description: |-
            A directory that contains site-specific configuration files.
            Setting this will enable multi-tenant ("wiki farm") mode, causing
            site-specific settings to be loaded based on information from the web request.
            @unstable EXPERIMENTAL
            @since 1.38
    WikiFarmSettingsExtension:
        default: yaml
        description: |-
            The file extension to be used when looking up site-specific settings files in
            $wgWikiFarmSettingsDirectory, such as 'json' or 'yaml'.
            @unstable EXPERIMENTAL
            @since 1.38
    ExtensionFunctions:
        default: []
        type: array
        description: |-
            A list of callback functions which are called once MediaWiki is fully
            initialised
    ExtensionMessagesFiles:
        default: {  }
        type: object
        description: |-
            Extension messages files.
            Associative array mapping extension name to the filename where messages can be
            found. The file should contain variable assignments. Any of the variables
            present in languages/messages/MessagesEn.php may be defined, but $messages
            is the most common.
            Variables defined in extensions will override conflicting variables defined
            in the core.
            Since MediaWiki 1.23, use of this variable to define messages is discouraged; instead, store
            messages in JSON format and use $wgMessagesDirs. For setting other variables than
            $messages, $wgExtensionMessagesFiles should still be used. Use a DIFFERENT key because
            any entry having a key that also exists in $wgMessagesDirs will be ignored.
            Extensions using the JSON message format can preserve backward compatibility with
            earlier versions of MediaWiki by using a compatibility shim, such as one generated
            by the generateJsonI18n.php maintenance script, listing it under the SAME key
            as for the $wgMessagesDirs entry.
            **Example:**
            ```
            $wgExtensionMessagesFiles['ConfirmEdit'] = __DIR__.'/ConfirmEdit.i18n.php';
            ```
    MessagesDirs:
        default: {  }
        type: object
        description: |-
            Extension messages directories.
            Associative array mapping extension name to the path of the directory where message files can
            be found. The message files are expected to be JSON files named for their language code, e.g.
            en.json, de.json, etc. Extensions with messages in multiple places may specify an array of
            message directories.
            Message directories in core should be added to LocalisationCache::getMessagesDirs()
            **Simple example:**
            ```
            $wgMessagesDirs['Example'] = __DIR__ . '/i18n';
            ```
            **Complex example:**
            ```
            $wgMessagesDirs['Example'] = [
                __DIR__ . '/lib/ve/i18n',
                __DIR__ . '/lib/ooui/i18n',
                __DIR__ . '/i18n',
            ]
            ```
            @since 1.23
    TranslationAliasesDirs:
        default: {  }
        type: object
        description: |-
            Message directories containing JSON files for localisation of special page aliases.
            Associative array mapping extension name to the directory where configurations can be
            found. The directory is expected to contain JSON files corresponding to each language code.
            Variables defined in extensions will override conflicting variables defined
            in the core. We recommend using this configuration to set variables that require localisation:
            special page aliases, and in the future namespace aliases and magic words.
            **Simple example**: extension.json
            ```
            "TranslationAliasesDirs": {
              "TranslationNotificationsAlias": "i18n/aliases/"
            }
            ```
            **Complex example**: extension.json
             ```
             "TranslationAliasesDirs": {
               "TranslationNotificationsAlias": [ "i18n/special-page-aliases", "i18n/magic-words", "i18n/namespaces" ]
             }
             ```
            @unstable EXPERIMENTAL
            @since 1.42
    ExtensionEntryPointListFiles:
        default: {  }
        type: object
        description: |-
            Array of files with list(s) of extension entry points to be used in
            maintenance/mergeMessageFileList.php
            @since 1.22
    EnableParserLimitReporting:
        default: true
        description: 'Whether to include the NewPP limit report as a HTML comment'
    ValidSkinNames:
        default: {  }
        type: object
        description: |-
            List of valid skin names
            The key should be the name in all lower case.
            As of 1.35, the value should be a an array in the form of the ObjectFactory specification.
            For example for 'foobarskin' where the PHP class is 'MediaWiki\Skins\FooBar\FooBarSkin' set:
            **skin.json Example:**
            ```
            "ValidSkinNames": {
               "foobarskin": {
                   "displayname": "FooBarSkin",
                   "class": "MediaWiki\\Skins\\FooBar\\FooBarSkin"
               }
            }
            ```
            Historically, the value was a properly cased name for the skin (and is still currently
            supported). This value will be prefixed with "Skin" to create the class name of the
            skin to load. Use Skin::getSkinNames() as an accessor if you wish to have access to the
            full list.
    SpecialPages:
        default: {  }
        type: object
        description: |-
            Special page list. This is an associative array mapping the (canonical) names of
            special pages to either a class name or a ObjectFactory spec to be instantiated, or a callback to use for
            creating the special page object. In all cases, the result must be an instance of SpecialPage.
    ExtensionCredits:
        default: {  }
        type: object
        description: |-
            Add information about an installed extension, keyed by its type.
            This is for use from LocalSettings.php and legacy PHP-entrypoint
            extensions. In general, extensions should (only) declare this
            information in their extension.json file.
            The 'name', 'path' and 'author' keys are required.
            ```
            $wgExtensionCredits['other'][] = [
                'path' => __FILE__,
                'name' => 'Example extension',
                'namemsg' => 'exampleextension-name',
                'author' => [
                    'Foo Barstein',
                ],
                'version' => '0.0.1',
                'url' => 'https://example.org/example-extension/',
                'descriptionmsg' => 'exampleextension-desc',
                'license-name' => 'GPL-2.0-or-later',
            ];
            ```
            The extensions are listed on Special:Version. This page also looks for a file
            named COPYING or LICENSE (optional .txt extension) and provides a link to
            view said file. When the 'license-name' key is specified, this file is
            interpreted as wikitext.
            - $type: One of 'specialpage', 'parserhook', 'variable', 'media', 'antispam',
               'skin', 'api', or 'other', or any additional types as specified through the
               ExtensionTypes hook as used in SpecialVersion::getExtensionTypes().
            - name: Name of extension as an inline string instead of localizable message.
               Do not omit this even if 'namemsg' is provided, as it is used to override
               the path Special:Version uses to find extension's license info, and is
               required for backwards-compatibility with MediaWiki 1.23 and older.
            - namemsg (since MW 1.24): A message key for a message containing the
               extension's name, if the name is localizable. (For example, skin names
               usually are.)
            - author: A string or an array of strings. Authors can be linked using
               the regular wikitext link syntax. To have an internationalized version of
               "and others" show, add an element "...". This element can also be linked,
               for instance "[https://example ...]".
            - descriptionmsg: A message key or an array with message key and parameters:
               `'descriptionmsg' => 'exampleextension-desc',`
            - description: Description of extension as an inline string instead of
               localizable message (omit in favour of 'descriptionmsg').
            - license-name: Short name of the license (used as label for the link), such
              as "GPL-2.0-or-later" or "MIT" (https://spdx.org/licenses/ for a list of identifiers).
            @see \MediaWiki\Specials\SpecialVersion::getCredits
    Hooks:
        default: {  }
        type: object
        mergeStrategy: array_merge_recursive
        description: |-
            Global list of hooks.
            The key is one of the events made available by MediaWiki, you can find
            a description for most of them in their respective hook interfaces. For
            overview of the hook system see docs/Hooks.md. The array is used internally
            by HookContainer::run().
            The value can be one of:
            - A function name: `$wgHooks['event_name'][] = $function;`
            - A function with some data: `$wgHooks['event_name'][] = [ $function, $data ];`
            - A an object method: `$wgHooks['event_name'][] = [ $object, 'method' ];`
            - A closure:
            ```
            $wgHooks['event_name'][] = function ( $hookParam ) {
                // Handler code goes here.
            };
            ```
            @warning You should always append to an event array or you will end up
            deleting a previous registered hook.
            @warning Hook handlers should be registered at file scope. Registering
            handlers after file scope can lead to unexpected results due to caching.
    ServiceWiringFiles:
        default: []
        type: array
        description: |-
            List of service wiring files to be loaded by the default instance of MediaWikiServices. Each
            file listed here is expected to return an associative array mapping service names to
            instantiator functions. Extensions may add wiring files to define their own services.
            However, this cannot be used to replace existing services - use the MediaWikiServices hook
            for that.
            @note the default wiring file will be added automatically by Setup.php
            @see \MediaWiki\MediaWikiServices
            @see \Wikimedia\Services\ServiceContainer::loadWiringFiles() for details on loading
              service instantiator functions.
            @see docs/Injection.md for an overview of dependency
              injection in MediaWiki.
    JobClasses:
        default:
            deletePage: DeletePageJob
            refreshLinks: RefreshLinksJob
            deleteLinks: DeleteLinksJob
            htmlCacheUpdate: HTMLCacheUpdateJob
            sendMail: { class: EmaillingJob, services: [Emailer] }
            enotifNotify: EnotifNotifyJob
            fixDoubleRedirect: { class: DoubleRedirectJob, services: [RevisionLookup, MagicWordFactory, WikiPageFactory], needsPage: true }
            AssembleUploadChunks: AssembleUploadChunksJob
            PublishStashedFile: PublishStashedFileJob
            ThumbnailRender: ThumbnailRenderJob
            UploadFromUrl: UploadFromUrlJob
            recentChangesUpdate: RecentChangesUpdateJob
            refreshLinksPrioritized: RefreshLinksJob
            refreshLinksDynamic: RefreshLinksJob
            activityUpdateJob: MediaWiki\Watchlist\ActivityUpdateJob
            categoryMembershipChange: CategoryMembershipChangeJob
            clearUserWatchlist: MediaWiki\Watchlist\ClearUserWatchlistJob
            watchlistExpiry: MediaWiki\Watchlist\WatchlistExpiryJob
            cdnPurge: CdnPurgeJob
            userGroupExpiry: UserGroupExpiryJob
            clearWatchlistNotifications: MediaWiki\Watchlist\ClearWatchlistNotificationsJob
            userOptionsUpdate: UserOptionsUpdateJob
            revertedTagUpdate: RevertedTagUpdateJob
            'null': NullJob
            userEditCountInit: UserEditCountInitJob
            parsoidCachePrewarm: { class: ParsoidCachePrewarmJob, services: [ParserOutputAccess, PageStore, RevisionLookup, ParsoidSiteConfig], needsPage: false }
            renameUser: { class: MediaWiki\RenameUser\RenameUserJob, services: [MainConfig, DBLoadBalancerFactory] }
        type: object
        description: |-
            Maps jobs to their handlers; extensions
            can add to this to provide custom jobs.
            Since 1.40, job handlers can be specified as object specs
            for use with ObjectFactory, using an array, a plain class name,
            or a callback.
            @note The constructor signature of job classes has to follow one of two patterns:
            Either it takes a parameter array as the first argument, followed by any services it
            needs to have injected: ( array $params, ... ).
            Or it takes a PageReference as the first parameter, followed by the parameter array,
            followed by any services: ( PageReference $page, array $params, ... ).
            In order to signal to the JobFactory that the $page parameter should be omitted from
            the constructor arguments, the job class has to be a subclass of GenericParameterJob,
            or the object specification for the job has to set the 'needsPage' key to false.
            If a callback is used, its signature follows the same rules.
    JobTypesExcludedFromDefaultQueue:
        default:
            - AssembleUploadChunks
            - PublishStashedFile
            - UploadFromUrl
        type: array
        description: |-
            Jobs that must be explicitly requested, i.e. aren't run by job runners unless
            special flags are set. The values here are keys of $wgJobClasses.
            These can be:
            - Very long-running jobs.
            - Jobs that you would never want to run as part of a page rendering request.
            - Jobs that you want to run on specialized machines ( like transcoding, or a particular
              machine on your cluster has 'outside' web access you could restrict uploadFromUrl )
            These settings should be global to all wikis.
    JobBackoffThrottling:
        default: {  }
        type: object
        additionalProperties:
            type: number
        description: |-
            Map of job types to how many job "work items" should be run per second
            on each job runner process. The meaning of "work items" varies per job,
            but typically would be something like "pages to update". A single job
            may have a variable number of work items, as is the case with batch jobs.
            This is used by runJobs.php and not jobs run via $wgJobRunRate.
            These settings should be global to all wikis.
    JobTypeConf:
        default:
            default: { class: JobQueueDB, order: random, claimTTL: 3600 }
        additionalProperties:
            type: object
            properties: { class: { type: string }, order: { type: string }, claimTTL: { type: integer } }
        type: object
        description: |-
            Map of job types to configuration arrays.
            This determines which queue class and storage system is used for each job type.
            Job types that do not have explicit configuration will use the 'default' config.
            These settings should be global to all wikis.
    JobQueueIncludeInMaxLagFactor:
        default: false
        description: |-
            Whether to include the number of jobs that are queued
            for the API's maxlag parameter.
            The total number of jobs will be divided by this to get an
            estimated second of maxlag. Typically bots backoff at maxlag=5,
            so setting this to the max number of jobs that should be in your
            queue divided by 5 should have the effect of stopping bots once
            that limit is hit.
            @since 1.29
    SpecialPageCacheUpdates:
        default:
            Statistics: [MediaWiki\Deferred\SiteStatsUpdate, cacheUpdate]
        type: object
        description: |-
            Additional functions to be performed with updateSpecialPages.
            Expensive Querypages are already updated.
    PagePropLinkInvalidations:
        default:
            hiddencat: categorylinks
        type: object
        description: |-
            Page property link table invalidation lists. When a page property
            changes, this may require other link tables to be updated (eg
            adding __HIDDENCAT__ means the hiddencat tracking category will
            have been added, so the categorylinks table needs to be rebuilt).
            This array can be added to by extensions.
    CategoryMagicGallery:
        default: true
        description: |-
            On category pages, show thumbnail gallery for images belonging to that
            category instead of listing them as articles.
    CategoryPagingLimit:
        default: 200
        description: 'Paging limit for categories'
    CategoryCollation:
        default: uppercase
        description: |-
            Specify how category names should be sorted, when listed on a category page.
            A sorting scheme is also known as a collation.
            Available values are:
              - uppercase: Converts the category name to upper case, and sorts by that.
              - identity: Does no conversion. Sorts by binary value of the string.
              - uca-default: Provides access to the Unicode Collation Algorithm with
                the default element table. This is a compromise collation which sorts
                all languages in a mediocre way. However, it is better than "uppercase".
            To use the uca-default collation, you must have PHP's intl extension
            installed. See https://www.php.net/manual/en/intl.setup.php . The details of the
            resulting collation will depend on the version of ICU installed on the
            server.
            After you change this, you must run maintenance/updateCollation.php to fix
            the sort keys in the database.
            Extensions can define there own collations by subclassing Collation
            and using the Collation::factory hook.
    TempCategoryCollations:
        default: []
        type: array
        description: |-
            Additional category collations to store during LinksUpdate. This can be used
            to perform online migration of categories from one collation to another. An
            array of associative arrays each having the following keys:
            - table: (string) The table name
            - collation: (string) The collation to use for cl_sortkey
            - fakeCollation: (string) The collation name to insert into cl_collation
            @since 1.38
    TrackingCategories:
        default: []
        type: array
        deprecated: |-
            since 1.25 Extensions should now register tracking categories using the new
            extension registration system.
        description: |-
            Array holding default tracking category names.
            Array contains the system messages for each tracking category.
            Tracking categories allow pages with certain characteristics to be tracked.
            It works by adding any such page to a category automatically.
            A message with the suffix '-desc' should be added as a description message
            to have extra information on Special:TrackingCategories.
            @deprecated since 1.25 Extensions should now register tracking categories using
            the new extension registration system.
            @since 1.23
    LogTypes:
        default:
            - ''
            - block
            - protect
            - rights
            - delete
            - upload
            - move
            - import
            - patrol
            - merge
            - suppress
            - tag
            - managetags
            - contentmodel
            - renameuser
        type: array
        description: |-
            The logging system has two levels: an event type, which describes the
            general category and can be viewed as a named subset of all logs; and
            an action, which is a specific kind of event that can exist in that
            log type.
            Note that code should call LogPage::validTypes() to get a list of valid
            log types instead of checking the global variable.
    LogRestrictions:
        default:
            suppress: suppressionlog
        type: object
        description: |-
            This restricts log access to those who have a certain right
            Users without this will not see it in the option menu and can not view it
            Restricted logs are not added to recent changes
            Logs should remain non-transcludable
            Format: logtype => permissiontype
    FilterLogTypes:
        default:
            patrol: true
            tag: true
            newusers: false
        type: object
        description: |-
            Show/hide links on Special:Log will be shown for these log types.
            This is associative array of log type => boolean "hide by default"
            See $wgLogTypes for a list of available log types.
            **Example:**
            `$wgFilterLogTypes = [ 'move' => true, 'import' => false ];`
            Will display show/hide links for the move and import logs. Move logs will be
            hidden by default unless the link is clicked. Import logs will be shown by
            default, and hidden when the link is clicked.
            A message of the form logeventslist-[type]-log should be added, and will be
            used for the link text.
    LogNames:
        default:
            '': all-logs-page
            block: blocklogpage
            protect: protectlogpage
            rights: rightslog
            delete: dellogpage
            upload: uploadlogpage
            move: movelogpage
            import: importlogpage
            patrol: patrol-log-page
            merge: mergelog
            suppress: suppressionlog
        type: object
        description: |-
            Lists the message key string for each log type. The localized messages
            will be listed in the user interface.
            Extensions with custom log types may add to this array.
            @since 1.19, if you follow the naming convention log-name-TYPE,
            where TYPE is your log type, you don't need to use this array.
    LogHeaders:
        default:
            '': alllogstext
            block: blocklogtext
            delete: dellogpagetext
            import: importlogpagetext
            merge: mergelogpagetext
            move: movelogpagetext
            patrol: patrol-log-header
            protect: protectlogtext
            rights: rightslogtext
            suppress: suppressionlogtext
            upload: uploadlogpagetext
        type: object
        description: |-
            Lists the message key string for descriptive text to be shown at the
            top of each log type.
            Extensions with custom log types may add to this array.
            @since 1.19, if you follow the naming convention log-description-TYPE,
            where TYPE is your log type, yoy don't need to use this array.
    LogActions:
        default: {  }
        type: object
        description: |-
            Maps log actions to message keys, for formatting log entries of each type
            and action when displaying logs to the user.
            The array keys are composed as "$type/$action".
            Extensions with custom log types may add to this array.
    LogActionsHandlers:
        default:
            block/block: BlockLogFormatter
            block/reblock: BlockLogFormatter
            block/unblock: BlockLogFormatter
            contentmodel/change: ContentModelLogFormatter
            contentmodel/new: ContentModelLogFormatter
            delete/delete: DeleteLogFormatter
            delete/delete_redir: DeleteLogFormatter
            delete/delete_redir2: DeleteLogFormatter
            delete/event: DeleteLogFormatter
            delete/restore: DeleteLogFormatter
            delete/revision: DeleteLogFormatter
            import/interwiki: ImportLogFormatter
            import/upload: ImportLogFormatter
            managetags/activate: LogFormatter
            managetags/create: LogFormatter
            managetags/deactivate: LogFormatter
            managetags/delete: LogFormatter
            merge/merge: MergeLogFormatter
            move/move: MoveLogFormatter
            move/move_redir: MoveLogFormatter
            patrol/patrol: PatrolLogFormatter
            patrol/autopatrol: PatrolLogFormatter
            protect/modify: ProtectLogFormatter
            protect/move_prot: ProtectLogFormatter
            protect/protect: ProtectLogFormatter
            protect/unprotect: ProtectLogFormatter
            renameuser/renameuser: RenameuserLogFormatter
            rights/autopromote: RightsLogFormatter
            rights/rights: RightsLogFormatter
            suppress/block: BlockLogFormatter
            suppress/delete: DeleteLogFormatter
            suppress/event: DeleteLogFormatter
            suppress/reblock: BlockLogFormatter
            suppress/revision: DeleteLogFormatter
            tag/update: TagLogFormatter
            upload/overwrite: UploadLogFormatter
            upload/revert: UploadLogFormatter
            upload/upload: UploadLogFormatter
        type: object
        description: |-
            The same as above, but here values are class names or ObjectFactory specifications,
            not messages. The specification must resolve to a LogFormatter subclass,
            and will receive the LogEntry object as its first constructor argument.
            The type can be specified as '*' (e.g. 'block/*') to handle all types.
            @see \LogPage::actionText
            @see \LogFormatter
    ActionFilteredLogs:
        default:
            block: { block: [block], reblock: [reblock], unblock: [unblock] }
            contentmodel: { change: [change], new: [new] }
            delete: { delete: [delete], delete_redir: [delete_redir, delete_redir2], restore: [restore], event: [event], revision: [revision] }
            import: { interwiki: [interwiki], upload: [upload] }
            managetags: { create: [create], delete: [delete], activate: [activate], deactivate: [deactivate] }
            move: { move: [move], move_redir: [move_redir] }
            newusers: { create: [create, newusers], create2: [create2], autocreate: [autocreate], byemail: [byemail] }
            protect: { protect: [protect], modify: [modify], unprotect: [unprotect], move_prot: [move_prot] }
            rights: { rights: [rights], autopromote: [autopromote] }
            suppress: { event: [event], revision: [revision], delete: [delete], block: [block], reblock: [reblock] }
            upload: { upload: [upload], overwrite: [overwrite], revert: [revert] }
        type: object
        description: |-
            List of log types that can be filtered by action types
            To each action is associated the list of log_action
            subtypes to search for, usually one, but not necessarily so
            Extensions may append to this array
            @since 1.27
    NewUserLog:
        default: true
        description: 'Maintain a log of newusers at Special:Log/newusers?'
    PageCreationLog:
        default: true
        description: |-
            Maintain a log of page creations at Special:Log/create?
            @since 1.32
    AllowSpecialInclusion:
        default: true
        description: 'Allow special page inclusions such as {{Special:Allpages}}'
    DisableQueryPageUpdate:
        default: false
        description: |-
            Set this to an array of special page names to prevent
            maintenance/updateSpecialPages.php from updating those pages.
            Mapping each special page name to a run mode like 'periodical' if a cronjob is set up.
    CountCategorizedImagesAsUsed:
        default: false
        description: |-
            On Special:Unusedimages, consider images "used", if they are put
            into a category. Default (false) is not to count those as used.
    MaxRedirectLinksRetrieved:
        default: 500
        description: |-
            Maximum number of links to a redirect page listed on
            Special:Whatlinkshere/RedirectDestination
    RangeContributionsCIDRLimit:
        default:
            IPv4: 16
            IPv6: 32
        type: object
        additionalProperties:
            type: integer
        description: |-
            Shortest CIDR limits that can be checked in any individual range check
            at Special:Contributions.
            @since 1.30
    Actions:
        default: {  }
        type: object
        description: |-
            Map of allowed values for the "title=foo&action=<action>" parameter.
            to the corresponding handler code.
            See ActionFactory for the syntax. Core defaults are in ActionFactory::CORE_ACTIONS,
            anything here overrides that.
    DefaultRobotPolicy:
        default: 'index,follow'
        description: |-
            Default robot policy.  The default policy is to encourage indexing and fol-
            lowing of links.  It may be overridden on a per-namespace and/or per-page
            basis.
    NamespaceRobotPolicies:
        default: {  }
        type: object
        description: |-
            Robot policies per namespaces. The default policy is given above, the array
            is made of namespace constants as defined in includes/Defines.php.  You can-
            not specify a different default policy for NS_SPECIAL: it is always noindex,
            nofollow.  This is because a number of special pages (e.g., ListPages) have
            many permutations of options that display the same data under redundant
            URLs, so search engine spiders risk getting lost in a maze of twisty special
            pages, all alike, and never reaching your actual content.
            **Example:**
            ```
            $wgNamespaceRobotPolicies = [ NS_TALK => 'noindex' ];
            ```
    ArticleRobotPolicies:
        default: {  }
        type: object
        description: |-
            Robot policies per article. These override the per-namespace robot policies.
            Must be in the form of an array where the key part is a properly canonicalised
            text form title and the value is a robot policy.
            **Example:**
            ```
            $wgArticleRobotPolicies = [
                    'Main Page' => 'noindex,follow',
                    'User:Bob' => 'index,follow',
            ];
            ```
            **Example that DOES NOT WORK because the names are not canonical text**
            forms:
            ```
            $wgArticleRobotPolicies = [
              // Underscore, not space!
              'Main_Page' => 'noindex,follow',
              // "Project", not the actual project name!
              'Project:X' => 'index,follow',
              // Needs to be "Abc", not "abc" (unless $wgCapitalLinks is false for that namespace)!
              'abc' => 'noindex,nofollow'
            ];
            ```
    ExemptFromUserRobotsControl:
        default: null
        type:
            - array
            - 'null'
        description: |-
            An array of namespace keys in which the __INDEX__/__NOINDEX__ magic words
            will not function, so users can't decide whether pages in that namespace are
            indexed by search engines.  If set to null, default to $wgContentNamespaces.
            **Example:**
            ```
            $wgExemptFromUserRobotsControl = [ NS_MAIN, NS_TALK, NS_PROJECT ];
            ```
    DebugAPI:
        default: false
        description: |-
            WARNING: SECURITY THREAT - debug use only
            Disables many security checks in the API for debugging purposes.
            This flag should never be used on the production servers, as it introduces
            a number of potential security holes. Even when enabled, the validation
            will still be performed, but instead of failing, API will return a warning.
            Also, there will always be a warning notifying that this flag is set.
            At this point, the flag allows GET requests to go through for modules
            requiring POST.
            @since 1.21
    APIModules:
        default: {  }
        type: object
        description: |-
            API module extensions.
            Associative array mapping module name to modules specs;
            Each module spec is an associative array containing at least
            the 'class' key for the module's class, and optionally a
            'factory' key for the factory function to use for the module.
            That factory function will be called with two parameters,
            the parent module (an instance of ApiBase, usually ApiMain)
            and the name the module was registered under. The return
            value must be an instance of the class given in the 'class'
            field.
            For backward compatibility, the module spec may also be a
            simple string containing the module's class name. In that
            case, the class' constructor will be called with the parent
            module and module name as parameters, as described above.
            Examples for registering API modules:
            ```
            $wgAPIModules['foo'] = 'ApiFoo';
            $wgAPIModules['bar'] = [
              'class' => ApiBar::class,
              'factory' => function( $main, $name ) { ... }
            ];
            $wgAPIModules['xyzzy'] = [
              'class' => ApiXyzzy::class,
              'factory' => [ XyzzyFactory::class, 'newApiModule' ]
            ];
            ```
            Extension modules may override the core modules.
            See ApiMain::MODULES for a list of the core modules.
    APIFormatModules:
        default: {  }
        type: object
        description: |-
            API format module extensions.
            Associative array mapping format module name to module specs (see $wgAPIModules).
            Extension modules may override the core modules.
            See ApiMain::FORMATS for a list of the core format modules.
    APIMetaModules:
        default: {  }
        type: object
        description: |-
            API Query meta module extensions.
            Associative array mapping meta module name to module specs (see $wgAPIModules).
            Extension modules may override the core modules.
            See ApiQuery::QUERY_META_MODULES for a list of the core meta modules.
    APIPropModules:
        default: {  }
        type: object
        description: |-
            API Query prop module extensions.
            Associative array mapping prop module name to module specs (see $wgAPIModules).
            Extension modules may override the core modules.
            See ApiQuery::QUERY_PROP_MODULES for a list of the core prop modules.
    APIListModules:
        default: {  }
        type: object
        description: |-
            API Query list module extensions.
            Associative array mapping list module name to module specs (see $wgAPIModules).
            Extension modules may override the core modules.
            See ApiQuery::QUERY_LIST_MODULES for a list of the core list modules.
    APIMaxDBRows:
        default: 5000
        description: |-
            Maximum amount of rows to scan in a DB query in the API
            The default value is generally fine
    APIMaxResultSize:
        default: 8388608
        description: |-
            The maximum size (in bytes) of an API result.
            @warning Do not set this lower than $wgMaxArticleSize*1024
    APIMaxUncachedDiffs:
        default: 1
        description: |-
            The maximum number of uncached diffs that can be retrieved in one API
            request. Set this to 0 to disable API diffs altogether
    APIMaxLagThreshold:
        default: 7
        description: |-
            Maximum amount of DB lag on a majority of DB replica DBs to tolerate
            before forcing bots to retry any write requests via API errors.
            This should be lower than the 'max lag' value in $wgLBFactoryConf.
    APIRequestLog:
        default: false
        deprecated: 'since 1.43; use api or api-request $wgDebugLogGroups channel'
        description: |-
            Log file or URL (TCP or UDP) to log API requests to, or false to disable
            API request logging
    APICacheHelpTimeout:
        default: 3600
        description: 'Set the timeout for the API help text cache. If set to 0, caching disabled'
    APIUselessQueryPages:
        default:
            - MIMEsearch
            - LinkSearch
        type: array
        description: |-
            The ApiQueryQueryPages module should skip pages that are redundant to true
            API queries.
    AjaxLicensePreview:
        default: true
        description: 'Enable previewing licences via AJAX.'
    CrossSiteAJAXdomains:
        default: {  }
        type: object
        description: |-
            Settings for incoming cross-site AJAX requests:
            Newer browsers support cross-site AJAX when the target resource allows requests
            from the origin domain by the Access-Control-Allow-Origin header.
            This is currently only used by the API (requests to api.php)
            $wgCrossSiteAJAXdomains can be set using a wildcard syntax:
            - '*' matches any number of characters
            - '?' matches any 1 character
            **Example:**
            ```
            $wgCrossSiteAJAXdomains = [
                'www.mediawiki.org',
                '*.wikipedia.org',
                '*.wikimedia.org',
                '*.wiktionary.org',
            ];
            ```
    CrossSiteAJAXdomainExceptions:
        default: {  }
        type: object
        description: |-
            Domains that should not be allowed to make AJAX requests,
            even if they match one of the domains allowed by $wgCrossSiteAJAXdomains
            Uses the same syntax as $wgCrossSiteAJAXdomains
    AllowedCorsHeaders:
        default:
            - Accept
            - Accept-Language
            - Content-Language
            - Content-Type
            - Accept-Encoding
            - DNT
            - Origin
            - User-Agent
            - Api-User-Agent
            - Access-Control-Max-Age
            - Authorization
        type: array
        description: 'List of allowed headers for cross-origin API requests.'
    RestAPIAdditionalRouteFiles:
        default: []
        type: array
        description: |-
            Additional REST API Route files.
            A common usage is to enable development/experimental endpoints only on test wikis.
    RestSandboxSpecs:
        default: {  }
        type: object
        additionalProperties:
            type: object
            properties: { url: { type: string, format: url }, name: { type: string }, msg: { type: string, description: 'a message key' } }
            required: [url]
        description: |-
            A list of OpenAPI specs to be made available for exploration on
            Special:RestSandbox. If none are given, Special:RestSandbox is disabled.
            This is an associative array, arbitrary spec IDs to spec descriptions.
            Each spec description is an array with the following keys:
            - url: the URL that will return the OpenAPI spec.
            - name: the name of the API, to be shown on Special:RestSandbox.
              Ignored if msg is given.
            - msg: a message key for the name of the API, to be shown on
              Special:RestSandbox.
            @since 1.43
    MaxShellMemory:
        default: 307200
        description: 'Maximum amount of virtual memory available to shell processes under linux, in KiB.'
    MaxShellFileSize:
        default: 102400
        description: |-
            Maximum file size created by shell processes under linux, in KiB
            ImageMagick convert for example can be fairly hungry for scratch space
    MaxShellTime:
        default: 180
        description: 'Maximum CPU time in seconds for shell processes under Linux'
    MaxShellWallClockTime:
        default: 180
        description: |-
            Maximum wall clock time (i.e. real time, of the kind the clock on the wall
            would measure) in seconds for shell processes under Linux
    ShellCgroup:
        default: false
        description: |-
            Under Linux: a cgroup directory used to constrain memory usage of shell
            commands. The directory must be writable by the user which runs MediaWiki.
            If specified, this is used instead of ulimit, which is inaccurate, and
            causes malloc() to return NULL, which exposes bugs in C applications, making
            them segfault or deadlock.
            A wrapper script will create a cgroup for each shell command that runs, as
            a subgroup of the specified cgroup. If the memory limit is exceeded, the
            kernel will send a SIGKILL signal to a process in the subgroup.
            **Example:**
            ```
            mkdir -p /sys/fs/cgroup/memory/mediawiki
            mkdir -m 0777 /sys/fs/cgroup/memory/mediawiki/job
            echo '$wgShellCgroup = "/sys/fs/cgroup/memory/mediawiki/job";' >> LocalSettings.php
            ```
            The reliability of cgroup cleanup can be improved by installing a
            notify_on_release script in the root cgroup, see e.g.
            https://gerrit.wikimedia.org/r/#/c/40784
    PhpCli:
        default: /usr/bin/php
        description: 'Executable path of the PHP cli binary. Should be set up on install.'
    ShellRestrictionMethod:
        default: autodetect
        type:
            - string
            - boolean
        description: |-
            Method to use to restrict shell commands
            Supported options:
            - 'autodetect': Autodetect if any restriction methods are available
            - 'firejail': Use firejail <https://firejail.wordpress.com/>
            - false: Don't use any restrictions
            @note If using firejail with MediaWiki running in a home directory different
            from the webserver user, firejail 0.9.44+ is required.
            @since 1.31
    ShellboxUrls:
        default:
            default: null
        type: object
        additionalProperties:
            type: [string, boolean, 'null']
        description: |-
            Shell commands can be run on a remote server using Shellbox. To use this
            feature, set this to the URLs mapped by the service, and also configure $wgShellboxSecretKey.
            You can also disable a certain service by setting it to false or null.
            'default' would be the default URL if no URL is defined for that service.
            For more information about installing Shellbox, see
            https://www.mediawiki.org/wiki/Shellbox
            @since 1.37
    ShellboxSecretKey:
        default: null
        type:
            - string
            - 'null'
        description: |-
            The secret key for HMAC verification of Shellbox requests. Set this to
            a long random string.
            @since 1.36
    ShellboxShell:
        default: /bin/sh
        type:
            - string
            - 'null'
        description: |-
            The POSIX-compatible shell to use when running scripts. This is used by
            some media handling shell commands.
            If ShellboxUrls is configured, this path should exist on the remote side.
            On Windows this should be the full path to bash.exe, not git-bash.exe.
            @since 1.42
    HTTPTimeout:
        default: 25
        type: number
        description: |-
            Timeout for HTTP requests done internally, in seconds.
            @since 1.5
    HTTPConnectTimeout:
        default: 5.0
        type: number
        description: |-
            Timeout for connections done internally (in seconds).
            Only supported if cURL is installed, ignored otherwise.
            @since 1.22
    HTTPMaxTimeout:
        default: 0
        type: number
        description: |-
            The maximum HTTP request timeout in seconds. If any specified or configured
            request timeout is larger than this, then this value will be used instead.
            Zero is interpreted as "no limit".
            @since 1.35
    HTTPMaxConnectTimeout:
        default: 0
        type: number
        description: |-
            The maximum HTTP connect timeout in seconds. If any specified or configured
            connect timeout is larger than this, then this value will be used instead.
            Zero is interpreted as "no limit".
            @since 1.35
    HTTPImportTimeout:
        default: 25
        description: |-
            Timeout for HTTP requests done internally for transwiki imports, in seconds.
            @since 1.29
    AsyncHTTPTimeout:
        default: 25
        description: 'Timeout for Asynchronous (background) HTTP requests, in seconds.'
    HTTPProxy:
        default: ''
        description: 'Proxy to use for CURL requests.'
    LocalVirtualHosts:
        default: {  }
        type: object
        description: |-
            Local virtual hosts.
            This lists domains that are configured as virtual hosts on the same machine.
            It is expected that each domain can be identified by its hostname alone,
            without any ports.
            This affects the following:
            - MWHttpRequest: If a request is to be made to a domain listed here, or any
              subdomain thereof, then $wgLocalHTTPProxy will be used.
              Command-line scripts are not affected by this setting and will always use
              the proxy if it is configured.
            @since 1.25
    LocalHTTPProxy:
        default: false
        type:
            - string
            - boolean
        description: |-
            Reverse proxy to use for requests to domains in $wgLocalVirtualHosts
            When used, any port in the request URL will be dropped. The behavior of
            redirects and cookies is dependent upon the reverse proxy actually in use,
            as MediaWiki doesn't implement any special handling for them.
            If set to false, no reverse proxy will be used for local requests.
            @since 1.38
    AllowExternalReqID:
        default: false
        description: |-
            Whether to respect/honour
             - request ID provided by the incoming request via the `X-Request-Id`
             - trace context provided by the incoming request via the `tracestate` and `traceparent`
            Set to `true` if the entity sitting in front of MediaWiki sanitises external requests.
            Default: `false`.
    JobRunRate:
        default: 1
        description: |-
            Number of jobs to perform per request. May be less than one in which case jobs are
            performed probabilistically. If this is zero, jobs will not be done during ordinary
            apache requests. In this case, maintenance/runJobs.php should be run in loop every
            few seconds via a service or cron job. If using a cron job, be sure to handle the
            case where the script is already running (e.g. via `/usr/bin/flock -n <lock_file>`).
            If this is set to a non-zero number, then it is highly recommended that PHP run in
            fastcgi mode (php_fpm). When using a standard Apache PHP handler (mod_php), it is
            recommended that output_buffering and zlib.output_compression both be set to "Off",
            allowing MediaWiki to install an unlimited size output buffer on the fly. Setting
            output_buffering to an integer (e.g. 4096) or enabling zlib.output_compression can
            cause user-visible slowness as background tasks execute during web requests.
            Regardless of the web server engine in use, be sure to configure a sufficient number
            processes/threads in order to avoid exhaustion (which will cause user-visible slowness).
    RunJobsAsync:
        default: false
        description: |-
            When $wgJobRunRate > 0, try to run jobs asynchronously, spawning a new process
            to handle the job execution, instead of blocking the request until the job
            execution finishes.
            @since 1.23
    UpdateRowsPerJob:
        default: 300
        description: 'Number of rows to update per job'
    UpdateRowsPerQuery:
        default: 100
        description: 'Number of rows to update per query'
    RedirectOnLogin:
        default: null
        description: |-
            Allow redirection to another page when a user logs in.
            To enable, set to a string like 'Main Page'
    VirtualRestConfig:
        default:
            paths: []
            modules: []
            global: { timeout: 360, forwardCookies: false, HTTPProxy: null }
        mergeStrategy: array_plus_2d
        type: object
        description: |-
            Global configuration variable for Virtual REST Services.
            Use the 'path' key to define automatically mounted services. The value for this
            key is a map of path prefixes to service configuration. The latter is an array of:
              - class : the fully qualified class name
              - options : map of arguments to the class constructor
            Such services will be available to handle queries under their path from the VRS
            singleton, e.g. MediaWikiServices::getInstance()->getVirtualRESTServiceClient();
            Auto-mounting example for Parsoid:
            $wgVirtualRestConfig['paths']['/parsoid/'] = [
                'class' => ParsoidVirtualRESTService::class,
                'options' => [
                    'url' => 'http://localhost:8000',
                    'prefix' => 'enwiki',
                    'domain' => 'en.wikipedia.org'
                ]
            ];
            Parameters for different services can also be declared inside the 'modules' value,
            which is to be treated as an associative array. The parameters in 'global' will be
            merged with service-specific ones. The result will then be passed to
            VirtualRESTService::__construct() in the module.
            Example config for Parsoid:
              $wgVirtualRestConfig['modules']['parsoid'] = [
                'url' => 'http://localhost:8000',
                'prefix' => 'enwiki',
                'domain' => 'en.wikipedia.org',
              ];
            @since 1.25
    EventRelayerConfig:
        default:
            default: { class: Wikimedia\EventRelayer\EventRelayerNull }
        type: object
        description: |-
            Mapping of event channels (or channel categories) to EventRelayer configuration.
            By setting up a PubSub system (like Kafka) and enabling a corresponding EventRelayer class
            that uses it, MediaWiki can broadcast events to all subscribers. Certain features like WAN
            cache purging and CDN cache purging will emit events to this system. Appropriate listeners
            can subscribe to the channel and take actions based on the events. For example, a local daemon
            can run on each CDN cache node and perform local purges based on the URL purge channel
            events.
            Some extensions may want to use "channel categories" so that different channels can also
            share the same custom relayer instance (e.g. when it's likely to be overridden). They can use
            EventRelayerGroup::getRelayer() based on the category but call notify() on various different
            actual channels. One reason for this would be that some systems have very different
            performance vs durability needs, so one system (e.g. Kafka) may not be suitable for all
            uses.
            The 'default' key is for all channels (or channel categories) without an explicit entry
            here.
            @since 1.27
    Pingback:
        default: false
        type: boolean
        description: |-
            Share data about this installation with MediaWiki developers
            When set to true, MediaWiki will periodically ping https://www.mediawiki.org/ with basic
            data about this MediaWiki instance. This data includes, for example, the type of system,
            PHP version, and chosen database backend. The Wikimedia Foundation shares this data with
            MediaWiki developers to help guide future development efforts.
            For details about what data is sent, see: https://www.mediawiki.org/wiki/Manual:$wgPingback
            For the pingback privacy policy, see:
            https://wikimediafoundation.org/wiki/MediaWiki_Pingback_Privacy_Statement
            Aggregate pingback data is available at: https://pingback.wmflabs.org/
            @since 1.28
    OriginTrials:
        default: []
        type: array
        description: |-
            Origin Trials tokens.
            @since 1.33
    ReportToExpiry:
        default: 86400
        type: integer
        description: |-
            Expiry of the endpoint definition for the Reporting API.
            @unstable EXPERIMENTAL
            @since 1.34
    ReportToEndpoints:
        default: []
        type: array
        description: |-
            List of endpoints for the Reporting API.
            @unstable EXPERIMENTAL
            @since 1.34
    FeaturePolicyReportOnly:
        default: []
        type: array
        description: |-
            List of Feature Policy Reporting types to enable.
            Each entry is turned into a Feature-Policy-Report-Only header.
            @unstable EXPERIMENTAL
            @since 1.34
    SkinsPreferred:
        default:
            - vector-2022
            - vector
        type: array
        description: |-
            List of preferred skins to be listed higher in Special:Preferences
            @since 1.38
    SpecialContributeSkinsEnabled:
        default: []
        type: array
        description: |-
            List of skins that show a link to the Special:Contribute page
            @since 1.40
    EnableEditRecovery:
        default: false
        type: boolean
        description: |-
            Whether to enable the client-side edit recovery feature.
            @unstable Temporary feature flag, T341844
            @since 1.41
    EditRecoveryExpiry:
        default: 2592000
        type: integer
        description: 'Number of seconds to keep edit recovery data after the edit is stored.'
    UseCodexSpecialBlock:
        default: false
        type: boolean
        description: |-
            Whether to use Codex in Special:Block form.
            @unstable Temporary feature flag, T358153
            @since 1.42
    ShowLogoutConfirmation:
        default: false
        type: boolean
        description: |-
            Whether to display a confirmation screen during user log out.
            @unstable Temporary feature flag, T357484
            @since 1.42
    EnableProtectionIndicators:
        default: false
        type: boolean
        description: |-
            Whether to show indicators on a page when it is protected.
            @since 1.43
    OutputPipelineStages:
        default: {  }
        type: object
        description: |-
            OutputPipelineStages to add to the DefaultOutputPipeline.
            @unstable EXPERIMENTAL
            @since 1.43