diff --git a/composer.json b/composer.json
index 649acf1253a..02a13f9bf64 100644
--- a/composer.json
+++ b/composer.json
@@ -88,7 +88,7 @@
"hamcrest/hamcrest-php": "^2.0",
"johnkary/phpunit-speedtrap": "^4.0",
"mediawiki/mediawiki-codesniffer": "39.0.0",
- "mediawiki/mediawiki-phan-config": "0.11.1",
+ "mediawiki/mediawiki-phan-config": "0.12.0",
"nikic/php-parser": "^4.10.2",
"php-parallel-lint/php-console-highlighter": "1.0.0",
"php-parallel-lint/php-parallel-lint": "1.3.2",
diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php
index 4101eaecf02..d4d6bf7af35 100644
--- a/includes/GlobalFunctions.php
+++ b/includes/GlobalFunctions.php
@@ -1938,7 +1938,6 @@ function wfGetDB( $db, $groups = [], $wiki = false ) {
function wfScript( $script = 'index' ) {
global $wgScriptPath, $wgScript, $wgLoadScript;
if ( $script === 'index' ) {
- // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive
return $wgScript;
} elseif ( $script === 'load' ) {
return $wgLoadScript;
diff --git a/includes/OutputPage.php b/includes/OutputPage.php
index 3b012d833ea..dd47d9d6fe6 100644
--- a/includes/OutputPage.php
+++ b/includes/OutputPage.php
@@ -3118,6 +3118,7 @@ class OutputPage extends ContextSource {
$text .= '';
} else {
$text .= "\n" .
+ // @phan-suppress-next-line PhanParamTooFewUnpack Elements of $errors already annotated as non-empty
$this->msg( ...reset( $errors ) )->plain() .
"\n
";
}
diff --git a/includes/Rest/Handler/ParsoidHandler.php b/includes/Rest/Handler/ParsoidHandler.php
index 0a7833588ee..ccde74a6b71 100644
--- a/includes/Rest/Handler/ParsoidHandler.php
+++ b/includes/Rest/Handler/ParsoidHandler.php
@@ -794,7 +794,10 @@ abstract class ParsoidHandler extends Handler {
ParsoidFormatHelper::setContentType( $response, ParsoidFormatHelper::FORMAT_HTML,
$attribs['envOptions']['outputContentVersion'] );
$response->getBody()->write( $out );
+ // @phan-suppress-next-next-line PhanTypeArraySuspiciousNullable $headers can't be null after the
+ // method call, but the docblock of wikitext2html doesn't say that.
$response->setHeader( 'Content-Language', $headers['content-language'] );
+ // @phan-suppress-next-line PhanTypeArraySuspiciousNullable Same.
$response->addHeader( 'Vary', $headers['vary'] );
}
diff --git a/includes/Title.php b/includes/Title.php
index f2e1a28e57c..51a980c1882 100644
--- a/includes/Title.php
+++ b/includes/Title.php
@@ -804,7 +804,6 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject {
$r0 = $d0;
}
// Do the output
- // @phan-suppress-next-line PhanPluginRedundantAssignmentInLoop Confusing, $r1 is set later
if ( $x0 !== '' && $x1 === '-' && $x2 !== '' ) {
// Range
if ( $ord2 > $ord0 ) {
@@ -821,6 +820,7 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject {
$out .= "$r2-$r0";
}
// Reset state to the initial value
+ // @phan-suppress-next-line PhanPluginRedundantAssignmentInLoop
$x0 = $x1 = $d0 = $d1 = $r0 = $r1 = '';
} elseif ( $ord2 < 0x80 ) {
// ASCII character
@@ -2271,7 +2271,6 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject {
$url = false;
$matches = [];
- // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive
$articlePaths = PathRouter::getActionPaths( $wgActionPaths, $wgArticlePath );
if ( $articlePaths
@@ -2310,7 +2309,6 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject {
if ( $query == '-' ) {
$query = '';
}
- // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive
$url = "{$wgScript}?title={$dbkey}&{$query}";
}
}
@@ -2340,7 +2338,6 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject {
*/
public function getLinkURL( $query = '', $query2 = false, $proto = false ) {
if ( $this->isExternal() || $proto !== false ) {
- // @phan-suppress-next-line PhanTypeMismatchArgument
$ret = $this->getFullURL( $query, $query2, $proto );
} elseif ( $this->getPrefixedText() === '' && $this->hasFragment() ) {
$ret = $this->getFragmentForURL();
diff --git a/includes/WebRequest.php b/includes/WebRequest.php
index 24a386ecd81..8819293983f 100644
--- a/includes/WebRequest.php
+++ b/includes/WebRequest.php
@@ -166,7 +166,6 @@ class WebRequest {
$path = $a['path'] ?? '';
global $wgScript;
- // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive
if ( $path == $wgScript && $want !== 'all' ) {
// Script inside a rewrite path?
// Abort to keep from breaking...
@@ -176,7 +175,6 @@ class WebRequest {
$router = new PathRouter;
// Raw PATH_INFO style
- // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive
$router->add( "$wgScript/$1" );
global $wgArticlePath;
diff --git a/includes/api/ApiBase.php b/includes/api/ApiBase.php
index d62955dd214..fc0b00812a5 100644
--- a/includes/api/ApiBase.php
+++ b/includes/api/ApiBase.php
@@ -1465,7 +1465,6 @@ abstract class ApiBase extends ContextSource {
* @return never
*/
public function dieWithException( Throwable $exception, array $options = [] ) {
- // @phan-suppress-previous-line PhanTypeMissingReturn
$this->dieWithError(
// @phan-suppress-next-line PhanTypeMismatchArgument
$this->getErrorFormatter()->getMessageFromException( $exception, $options )
@@ -1482,7 +1481,6 @@ abstract class ApiBase extends ContextSource {
* @return never
*/
public function dieBlocked( Block $block ) {
- // @phan-suppress-previous-line PhanTypeMissingReturn
// Die using the appropriate message depending on block type
if ( $block->getType() == Block::TYPE_AUTO ) {
$this->dieWithError(
@@ -1544,7 +1542,6 @@ abstract class ApiBase extends ContextSource {
* @return never
*/
public function dieReadOnly() {
- // @phan-suppress-previous-line PhanTypeMissingReturn
$this->dieWithError(
'apierror-readonly',
'readonly',
diff --git a/includes/api/ApiEditPage.php b/includes/api/ApiEditPage.php
index 1b2c038c8da..8762d0cbf8e 100644
--- a/includes/api/ApiEditPage.php
+++ b/includes/api/ApiEditPage.php
@@ -621,6 +621,7 @@ class ApiEditPage extends ApiBase {
// errors on the status.
// @codeCoverageIgnoreStart
case EditPage::AS_SPAM_ERROR:
+ // @phan-suppress-next-line PhanTypePossiblyInvalidDimOffset
$status->fatal( 'apierror-spamdetected', $result['spam'] );
break;
case EditPage::AS_READ_ONLY_PAGE_LOGGED:
diff --git a/includes/api/ApiExpandTemplates.php b/includes/api/ApiExpandTemplates.php
index 26fdea2a2b0..15af39b1ca0 100644
--- a/includes/api/ApiExpandTemplates.php
+++ b/includes/api/ApiExpandTemplates.php
@@ -119,6 +119,7 @@ class ApiExpandTemplates extends ApiBase {
if ( isset( $prop['parsetree'] ) || $params['generatexml'] ) {
$this->parser->startExternalParse( $titleObj, $options, Parser::OT_PREPROCESS );
$dom = $this->parser->preprocessToDom( $params['text'] );
+ // @phan-suppress-next-line PhanUndeclaredMethodInCallable
if ( is_callable( [ $dom, 'saveXML' ] ) ) {
// @phan-suppress-next-line PhanUndeclaredMethod
$xml = $dom->saveXML();
diff --git a/includes/api/ApiQueryRevisionsBase.php b/includes/api/ApiQueryRevisionsBase.php
index 3930811ed01..b03680270c6 100644
--- a/includes/api/ApiQueryRevisionsBase.php
+++ b/includes/api/ApiQueryRevisionsBase.php
@@ -580,6 +580,7 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase {
Parser::OT_PREPROCESS
);
$dom = $parser->preprocessToDom( $t );
+ // @phan-suppress-next-line PhanUndeclaredMethodInCallable
if ( is_callable( [ $dom, 'saveXML' ] ) ) {
// @phan-suppress-next-line PhanUndeclaredMethod
$xml = $dom->saveXML();
diff --git a/includes/api/ApiUpload.php b/includes/api/ApiUpload.php
index 4c048eb3c11..a6971bc0198 100644
--- a/includes/api/ApiUpload.php
+++ b/includes/api/ApiUpload.php
@@ -414,7 +414,6 @@ class ApiUpload extends ApiBase {
* @return never
*/
private function dieRecoverableError( $errors, $parameter = null ) {
- // @phan-suppress-previous-line PhanTypeMissingReturn
$this->performStash( 'optional', $data );
if ( $parameter ) {
@@ -441,7 +440,6 @@ class ApiUpload extends ApiBase {
* @return never
*/
public function dieStatusWithCode( $status, $overrideCode, $moreExtraData = null ) {
- // @phan-suppress-previous-line PhanTypeMissingReturn
$sv = StatusValue::newGood();
foreach ( $status->getErrors() as $error ) {
$msg = ApiMessage::create( $error, $overrideCode );
@@ -654,7 +652,6 @@ class ApiUpload extends ApiBase {
* @return never
*/
protected function checkVerification( array $verification ) {
- // @phan-suppress-previous-line PhanTypeMissingReturn
switch ( $verification['status'] ) {
// Recoverable errors
case UploadBase::MIN_LENGTH_PARTNAME:
diff --git a/includes/auth/ButtonAuthenticationRequest.php b/includes/auth/ButtonAuthenticationRequest.php
index f6c7b6a5084..d82cb962c8f 100644
--- a/includes/auth/ButtonAuthenticationRequest.php
+++ b/includes/auth/ButtonAuthenticationRequest.php
@@ -103,6 +103,7 @@ class ButtonAuthenticationRequest extends AuthenticationRequest {
} elseif ( is_string( $data['label'] ) ) {
$data['label'] = new Message( $data['label'] );
} elseif ( is_array( $data['label'] ) && $data['label'] ) {
+ // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness from above
$data['label'] = Message::newFromKey( ...$data['label'] );
}
if ( !isset( $data['help'] ) ) {
@@ -110,6 +111,7 @@ class ButtonAuthenticationRequest extends AuthenticationRequest {
} elseif ( is_string( $data['help'] ) ) {
$data['help'] = new Message( $data['help'] );
} elseif ( is_array( $data['help'] ) && $data['help'] ) {
+ // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness from above
$data['help'] = Message::newFromKey( ...$data['help'] );
}
$ret = new static( $data['name'], $data['label'], $data['help'] );
diff --git a/includes/block/BlockManager.php b/includes/block/BlockManager.php
index 2fec68afa02..6109a8ec938 100644
--- a/includes/block/BlockManager.php
+++ b/includes/block/BlockManager.php
@@ -195,7 +195,6 @@ class BlockManager {
} elseif ( count( $blocks ) === 1 ) {
return $blocks[ 0 ];
} else {
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped
return new CompositeBlock( [
'address' => $ip,
'reason' => new Message( 'blockedtext-composite-reason' ),
@@ -253,14 +252,12 @@ class BlockManager {
if ( !in_array( $ip, $this->options->get( MainConfigNames::ProxyWhitelist ) ) ) {
// Local list
if ( $this->isLocallyBlockedProxy( $ip ) ) {
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped
$blocks[] = new SystemBlock( [
'reason' => new Message( 'proxyblockreason' ),
'address' => $ip,
'systemBlock' => 'proxy',
] );
} elseif ( $isAnon && $this->isDnsBlacklisted( $ip ) ) {
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped
$blocks[] = new SystemBlock( [
'reason' => new Message( 'sorbsreason' ),
'address' => $ip,
@@ -272,7 +269,6 @@ class BlockManager {
// Soft blocking
if ( $isAnon && IPUtils::isInRanges( $ip, $this->options->get( MainConfigNames::SoftBlockRanges ) ) ) {
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped
$blocks[] = new SystemBlock( [
'address' => $ip,
'reason' => new Message( 'softblockrangesreason', [ $ip ] ),
diff --git a/includes/block/DatabaseBlock.php b/includes/block/DatabaseBlock.php
index 698dd48d030..cc0e2362d85 100644
--- a/includes/block/DatabaseBlock.php
+++ b/includes/block/DatabaseBlock.php
@@ -266,7 +266,6 @@ class DatabaseBlock extends AbstractBlock {
$conds['ipb_address'][] = (string)$target;
$conds['ipb_address'] = array_unique( $conds['ipb_address'] );
$conds[] = self::getRangeCond( IPUtils::toHex( $target ) );
- // @phan-suppress-next-line SecurityCheck-SQLInjection
$conds = $db->makeList( $conds, LIST_OR );
break;
@@ -274,7 +273,6 @@ class DatabaseBlock extends AbstractBlock {
list( $start, $end ) = IPUtils::parseRange( $target );
$conds['ipb_address'][] = (string)$target;
$conds[] = self::getRangeCond( $start, $end );
- // @phan-suppress-next-line SecurityCheck-SQLInjection
$conds = $db->makeList( $conds, LIST_OR );
break;
@@ -284,7 +282,6 @@ class DatabaseBlock extends AbstractBlock {
}
$blockQuery = self::getQueryInfo();
- // @phan-suppress-next-line SecurityCheck-SQLInjection
$res = $db->select(
$blockQuery['tables'],
$blockQuery['fields'],
diff --git a/includes/diff/DifferenceEngineSlotDiffRenderer.php b/includes/diff/DifferenceEngineSlotDiffRenderer.php
index 0cbededab37..e371fb7d5af 100644
--- a/includes/diff/DifferenceEngineSlotDiffRenderer.php
+++ b/includes/diff/DifferenceEngineSlotDiffRenderer.php
@@ -54,7 +54,6 @@ class DifferenceEngineSlotDiffRenderer extends SlotDiffRenderer {
/** @inheritDoc */
public function getDiff( Content $oldContent = null, Content $newContent = null ) {
$this->normalizeContents( $oldContent, $newContent );
- // @phan-suppress-next-line PhanTypeMismatchArgumentNullable Null handled by normalizeContents
return $this->differenceEngine->generateContentDiffBody( $oldContent, $newContent );
}
diff --git a/includes/filerepo/file/File.php b/includes/filerepo/file/File.php
index efae726d350..50ab75b8cd7 100644
--- a/includes/filerepo/file/File.php
+++ b/includes/filerepo/file/File.php
@@ -36,7 +36,6 @@ use MediaWiki\User\UserIdentity;
* @ingroup FileAbstraction
*/
-// @phan-file-suppress PhanTypeMissingReturn false positives
/**
* Implements some public methods and some protected utility functions which
* are required by multiple child classes. Contains stub functionality for
diff --git a/includes/htmlform/fields/HTMLAutoCompleteSelectField.php b/includes/htmlform/fields/HTMLAutoCompleteSelectField.php
index a2ac801cd0a..e861b28f82d 100644
--- a/includes/htmlform/fields/HTMLAutoCompleteSelectField.php
+++ b/includes/htmlform/fields/HTMLAutoCompleteSelectField.php
@@ -44,7 +44,6 @@ class HTMLAutoCompleteSelectField extends HTMLTextField {
if ( array_key_exists( 'autocomplete-data-messages', $this->mParams ) ) {
foreach ( $this->mParams['autocomplete-data-messages'] as $key => $value ) {
- // @phan-suppress-next-line PhanTypeMismatchArgument False positive, $key is documented as string
$key = $this->msg( $key )->plain();
$this->autocompleteData[$key] = strval( $value );
}
diff --git a/includes/htmlform/fields/HTMLCheckMatrix.php b/includes/htmlform/fields/HTMLCheckMatrix.php
index 71143d9c4ea..667c95330ba 100644
--- a/includes/htmlform/fields/HTMLCheckMatrix.php
+++ b/includes/htmlform/fields/HTMLCheckMatrix.php
@@ -99,7 +99,6 @@ class HTMLCheckMatrix extends HTMLFormField implements HTMLNestedFilterable {
// Build the column headers
$headerContents = Html::rawElement( 'td', [], "\u{00A0}" );
foreach ( $columns as $columnLabel => $columnTag ) {
- // @phan-suppress-next-line PhanTypeMismatchArgument False positive, labels are documented as string
$headerContents .= Html::rawElement( 'th', [], $columnLabel );
}
$thead = Html::rawElement( 'tr', [], "\n$headerContents\n" );
diff --git a/includes/htmlform/fields/HTMLFormFieldCloner.php b/includes/htmlform/fields/HTMLFormFieldCloner.php
index 8ae114548e9..dbf0bc2bdba 100644
--- a/includes/htmlform/fields/HTMLFormFieldCloner.php
+++ b/includes/htmlform/fields/HTMLFormFieldCloner.php
@@ -485,7 +485,6 @@ class HTMLFormFieldCloner extends HTMLFormField {
}
$template = $this->getInputHTMLForKey( $this->uniqueId, [] );
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped data-template contains html, but that is okay here
$html = Html::rawElement( 'ul', [
'id' => "mw-htmlform-cloner-list-{$this->mID}",
'class' => 'mw-htmlform-cloner-ul',
@@ -558,7 +557,6 @@ class HTMLFormFieldCloner extends HTMLFormField {
}
$template = $this->getInputOOUIForKey( $this->uniqueId, [] );
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped data-template contains html, but that is okay here
$html = Html::rawElement( 'ul', [
'id' => "mw-htmlform-cloner-list-{$this->mID}",
'class' => 'mw-htmlform-cloner-ul',
diff --git a/includes/installer/DatabaseInstaller.php b/includes/installer/DatabaseInstaller.php
index 4ca26af4037..a36c066f119 100644
--- a/includes/installer/DatabaseInstaller.php
+++ b/includes/installer/DatabaseInstaller.php
@@ -229,7 +229,6 @@ abstract class DatabaseInstaller {
$this->db->setFlag( DBO_DDLMODE );
$this->db->begin( __METHOD__ );
- // @phan-suppress-next-line SecurityCheck-PathTraversal False positive
$error = $this->db->sourceFile(
call_user_func( [ $this, $sourceFileMethod ], $this->db )
);
diff --git a/includes/installer/Installer.php b/includes/installer/Installer.php
index 4c0c66df3d8..50156d31cc4 100644
--- a/includes/installer/Installer.php
+++ b/includes/installer/Installer.php
@@ -1377,7 +1377,6 @@ abstract class Installer {
$info += $jsonStatus->value;
}
- // @phan-suppress-next-line SecurityCheckMulti
return Status::newGood( $info );
}
diff --git a/includes/installer/PostgresInstaller.php b/includes/installer/PostgresInstaller.php
index ce9873d71fd..16fa630a16f 100644
--- a/includes/installer/PostgresInstaller.php
+++ b/includes/installer/PostgresInstaller.php
@@ -196,7 +196,6 @@ class PostgresInstaller extends DatabaseInstaller {
$conn = $status->value;
$conn->clearFlag( DBO_TRX );
$conn->commit( __METHOD__ );
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped
$this->pgConns[$type] = $conn;
}
diff --git a/includes/installer/WebInstaller.php b/includes/installer/WebInstaller.php
index be561a9cb4b..a8067623bfa 100644
--- a/includes/installer/WebInstaller.php
+++ b/includes/installer/WebInstaller.php
@@ -261,7 +261,6 @@ class WebInstaller extends Installer {
# Execute the page.
$this->currentPageName = $page->getName();
- // @phan-suppress-next-line PhanTypeMismatchArgumentNullable pageName is not null here
$this->startPageWrapper( $pageName );
if ( $page->isSlow() ) {
@@ -275,7 +274,6 @@ class WebInstaller extends Installer {
if ( $result == 'skip' ) {
# Page skipped without explicit submission.
# Skip it when we click "back" so that we don't just go forward again.
- // @phan-suppress-next-line PhanTypeMismatchDimAssignment pageName is not null here
$this->skippedPages[$pageName] = true;
$result = 'continue';
} else {
diff --git a/includes/installer/WebInstallerOptions.php b/includes/installer/WebInstallerOptions.php
index 091a747e1f7..64b82516020 100644
--- a/includes/installer/WebInstallerOptions.php
+++ b/includes/installer/WebInstallerOptions.php
@@ -205,7 +205,6 @@ class WebInstallerOptions extends WebInstallerPage {
}
$skinHtml .=
'' .
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped
$this->parent->getCheckBox( [
'var' => "skin-$skin",
'rawtext' => $screenshotText,
@@ -299,14 +298,12 @@ class WebInstallerOptions extends WebInstallerPage {
}
}
- // @phan-suppress-next-line SecurityCheck-XSS
$text = wfMessage( 'config-extensions-requires' )
->rawParams( $ext, $wgLang->commaList( $links ) )
->escaped();
} else {
$text = $ext;
}
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped
$extHtml .= $this->parent->getCheckBox( [
'var' => "ext-$ext",
'rawtext' => $text,
diff --git a/includes/libs/ArrayUtils.php b/includes/libs/ArrayUtils.php
index 0ea6f6c894f..a6fd4905541 100644
--- a/includes/libs/ArrayUtils.php
+++ b/includes/libs/ArrayUtils.php
@@ -89,7 +89,6 @@ class ArrayUtils {
}
}
- // @phan-suppress-next-line PhanPossiblyUndeclaredVariable weight is non-empty and i is always set
return $i;
}
diff --git a/includes/libs/ParamValidator/TypeDef/UploadDef.php b/includes/libs/ParamValidator/TypeDef/UploadDef.php
index ec5ec1ce5e6..4449ded09a9 100644
--- a/includes/libs/ParamValidator/TypeDef/UploadDef.php
+++ b/includes/libs/ParamValidator/TypeDef/UploadDef.php
@@ -114,6 +114,7 @@ class UploadDef extends TypeDef {
} else {
$constant = '';
foreach ( get_defined_constants() as $c => $v ) {
+ // @phan-suppress-next-line PhanTypeComparisonFromArray
if ( $v === $err && substr( $c, 0, 11 ) === 'UPLOAD_ERR_' ) {
$constant = " ($c?)";
}
diff --git a/includes/libs/WRStats/BagOStuffStatsStore.php b/includes/libs/WRStats/BagOStuffStatsStore.php
index 15eee1c1908..eff03346e89 100644
--- a/includes/libs/WRStats/BagOStuffStatsStore.php
+++ b/includes/libs/WRStats/BagOStuffStatsStore.php
@@ -21,6 +21,10 @@ class BagOStuffStatsStore implements StatsStore {
$this->cache = $cache;
}
+ /**
+ * @inheritDoc
+ * @suppress PhanParamTooFewUnpack
+ */
public function makeKey( $prefix, $internals, $entity ) {
if ( $entity->isGlobal() ) {
return $this->cache->makeGlobalKey(
diff --git a/includes/libs/mime/MimeAnalyzer.php b/includes/libs/mime/MimeAnalyzer.php
index df03413ae41..201f726298a 100644
--- a/includes/libs/mime/MimeAnalyzer.php
+++ b/includes/libs/mime/MimeAnalyzer.php
@@ -600,7 +600,6 @@ class MimeAnalyzer implements LoggerAwareInterface {
if ( str_starts_with( $head, $magic ) ) {
$this->logger->info( __METHOD__ .
": magic header in $file recognized as $candidate" );
- // @phan-suppress-next-line PhanTypeMismatchReturn False positive
return $candidate;
}
}
diff --git a/includes/libs/objectcache/wancache/WANObjectCache.php b/includes/libs/objectcache/wancache/WANObjectCache.php
index fce099a874e..208770b4988 100644
--- a/includes/libs/objectcache/wancache/WANObjectCache.php
+++ b/includes/libs/objectcache/wancache/WANObjectCache.php
@@ -2321,6 +2321,7 @@ class WANObjectCache implements
* @since 1.27
*/
public function makeGlobalKey( $collection, ...$components ) {
+ // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness
return $this->cache->makeGlobalKey( ...func_get_args() );
}
@@ -2335,6 +2336,7 @@ class WANObjectCache implements
* @since 1.27
*/
public function makeKey( $collection, ...$components ) {
+ // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness
return $this->cache->makeKey( ...func_get_args() );
}
diff --git a/includes/libs/rdbms/database/DatabaseSqlite.php b/includes/libs/rdbms/database/DatabaseSqlite.php
index d02690c321a..9b598b2e592 100644
--- a/includes/libs/rdbms/database/DatabaseSqlite.php
+++ b/includes/libs/rdbms/database/DatabaseSqlite.php
@@ -782,7 +782,6 @@ class DatabaseSqlite extends Database {
}
}
- // @phan-suppress-next-line SecurityCheck-SQLInjection SQL is taken from database
$res = $this->query(
$sqlCreateTable,
$fname,
diff --git a/includes/libs/rdbms/dbal/MWMySQLPlatform.php b/includes/libs/rdbms/dbal/MWMySQLPlatform.php
index f1e473a57c3..167be2e4aa2 100644
--- a/includes/libs/rdbms/dbal/MWMySQLPlatform.php
+++ b/includes/libs/rdbms/dbal/MWMySQLPlatform.php
@@ -1,9 +1,5 @@
conds[] = $cond;
} elseif ( isset( $this->conds[$key] ) ) {
+ // @phan-suppress-previous-line PhanTypeMismatchDimFetch
// T288882
$this->conds[] = $this->db->makeList(
[ $key => $cond ], IDatabase::LIST_AND );
diff --git a/includes/logging/LogEventsList.php b/includes/logging/LogEventsList.php
index 916e4232426..662a9003c3f 100644
--- a/includes/logging/LogEventsList.php
+++ b/includes/logging/LogEventsList.php
@@ -683,6 +683,7 @@ class LogEventsList extends ContextSource {
if ( $logBody ) {
if ( $msgKey[0] ) {
+ // @phan-suppress-next-line PhanParamTooFewUnpack Non-emptiness checked above
$msg = $context->msg( ...$msgKey );
if ( $page instanceof PageReference ) {
$msg->page( $page );
diff --git a/includes/media/BitmapHandler.php b/includes/media/BitmapHandler.php
index dc6a35ba23e..792dba3b94e 100644
--- a/includes/media/BitmapHandler.php
+++ b/includes/media/BitmapHandler.php
@@ -516,6 +516,7 @@ class BitmapHandler extends TransformationalImageHandler {
if ( $useQuality && isset( $params['quality'] ) ) {
$funcParams[] = $params['quality'];
}
+ // @phan-suppress-next-line PhanParamTooFewInternalUnpack,PhanParamTooFewUnpack There are at least 2 args
$saveType( ...$funcParams );
imagedestroy( $dst_image );
diff --git a/includes/media/SvgHandler.php b/includes/media/SvgHandler.php
index 4d758729df1..c5a5a19e3a9 100644
--- a/includes/media/SvgHandler.php
+++ b/includes/media/SvgHandler.php
@@ -367,7 +367,6 @@ class SvgHandler extends ImageHandler {
$err = wfShellExecWithStderr( $cmd, $retval, $env );
}
}
- // @phan-suppress-next-line PhanTypeMismatchArgumentNullable False positive
$removed = $this->removeBadFile( $dstPath, $retval );
if ( $retval != 0 || $removed ) {
// @phan-suppress-next-next-line PhanPossiblyUndeclaredVariable cmd is set when used
diff --git a/includes/page/ImagePage.php b/includes/page/ImagePage.php
index 1f08a1afee7..4b4876d8001 100644
--- a/includes/page/ImagePage.php
+++ b/includes/page/ImagePage.php
@@ -490,7 +490,6 @@ class ImagePage extends Article {
[],
[ 'page' => $page - 1 ]
);
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped link getting a key, false positive
$thumb1 = Linker::makeThumbLinkObj(
$this->getTitle(),
$this->displayImg,
@@ -511,7 +510,6 @@ class ImagePage extends Article {
[],
[ 'page' => $page + 1 ]
);
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped link getting a key, false positive
$thumb2 = Linker::makeThumbLinkObj(
$this->getTitle(),
$this->displayImg,
diff --git a/includes/pager/IndexPager.php b/includes/pager/IndexPager.php
index 57f60e7e562..4a9f3398e01 100644
--- a/includes/pager/IndexPager.php
+++ b/includes/pager/IndexPager.php
@@ -830,6 +830,7 @@ abstract class IndexPager extends ContextSource implements Pager {
if ( $declaringClass !== __CLASS__ ) {
// Overriding makeLink() is deprecated since 1.39
$navBuilder->setMakeLinkCallback( function ( ...$args ) {
+ // @phan-suppress-next-line PhanParamTooFewUnpack
return $this->makeLink( ...$args );
} );
}
diff --git a/includes/parser/CoreParserFunctions.php b/includes/parser/CoreParserFunctions.php
index 94cb9a3f210..ac69387d3ee 100644
--- a/includes/parser/CoreParserFunctions.php
+++ b/includes/parser/CoreParserFunctions.php
@@ -531,7 +531,6 @@ class CoreParserFunctions {
wfMessage( 'duplicate-displaytitle',
// Message should be parsed, but these params should only be escaped.
$converter->markNoConversion( wfEscapeWikiText( $old ) ),
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped we removed escaping above
$converter->markNoConversion( wfEscapeWikiText( $filteredText ) )
)->inContentLanguage()->text() .
'';
diff --git a/includes/parser/CoreTagHooks.php b/includes/parser/CoreTagHooks.php
index 01bf5aa7cad..da2b98525d2 100644
--- a/includes/parser/CoreTagHooks.php
+++ b/includes/parser/CoreTagHooks.php
@@ -83,6 +83,7 @@ class CoreTagHooks {
[ '>', '<' ],
$content
);
+ // @phan-suppress-next-line SecurityCheck-XSS Ad-hoc escaping above.
return Html::rawElement( 'pre', $attribs, $content );
}
diff --git a/includes/parser/PPFrame_Hash.php b/includes/parser/PPFrame_Hash.php
index d85a251b345..4e34f9c82b8 100644
--- a/includes/parser/PPFrame_Hash.php
+++ b/includes/parser/PPFrame_Hash.php
@@ -148,7 +148,6 @@ class PPFrame_Hash implements PPFrame {
}
}
}
- // @phan-suppress-next-line SecurityCheck-XSS taint track for keys in named args, false positive
return new PPTemplateFrame_Hash( $this->preprocessor, $this, $numberedArgs, $namedArgs, $title );
}
diff --git a/includes/parser/PPTemplateFrame_Hash.php b/includes/parser/PPTemplateFrame_Hash.php
index 7acb396804e..4f2af0fbbdd 100644
--- a/includes/parser/PPTemplateFrame_Hash.php
+++ b/includes/parser/PPTemplateFrame_Hash.php
@@ -174,7 +174,6 @@ class PPTemplateFrame_Hash extends PPFrame_Hash {
if ( !isset( $this->namedExpansionCache[$name] ) ) {
# Trim named arguments post-expand, for backwards compatibility
$this->namedExpansionCache[$name] = trim(
- // @phan-suppress-next-line SecurityCheck-XSS
$this->parent->expand( $this->namedArgs[$name], PPFrame::STRIP_COMMENTS ) );
}
return $this->namedExpansionCache[$name];
diff --git a/includes/parser/Parser.php b/includes/parser/Parser.php
index cc175f6b9fa..d85a01d3cdb 100644
--- a/includes/parser/Parser.php
+++ b/includes/parser/Parser.php
@@ -690,7 +690,6 @@ class Parser {
// Strip U+0000 NULL (T159174)
$text = str_replace( "\000", '', $text );
- // @phan-suppress-next-line PhanTypeMismatchArgumentNullable False positive
$this->startParse( $page, $options, self::OT_HTML, $clearState );
$this->currentRevisionCache = null;
@@ -2225,7 +2224,6 @@ class Parser {
# This means that users can paste URLs directly into the text
# Funny characters like รถ aren't valid in URLs anyway
# This was changed in August 2004
- // @phan-suppress-next-line SecurityCheck-XSS,SecurityCheck-DoubleEscaped using false for escape is valid
$s .= Linker::makeExternalLink( $url, $text, false, $linktype,
$this->getExternalLinkAttribs( $url ), $this->getTitle() ) . $dtrail . $trail;
@@ -3326,11 +3324,9 @@ class Parser {
# Replace raw HTML by a placeholder
if ( $isHTML ) {
- // @phan-suppress-next-line SecurityCheck-XSS Mixed mode, here html and safe
$text = $this->insertStripItem( $text );
} elseif ( $nowiki && ( $this->ot['html'] || $this->ot['pre'] ) ) {
# Escape nowiki-style return values
- // @phan-suppress-next-line SecurityCheck-DoubleEscaped Mixed mode, here html and safe
$text = wfEscapeWikiText( $text );
} elseif ( is_string( $text )
&& !$piece['lineStart']
@@ -4469,7 +4465,6 @@ class Parser {
// be able to convert that piece of data.
// Gets replaced with html in ParserOutput::getText
$editlink = '';
} else {
@@ -4583,7 +4578,6 @@ class Parser {
if ( $clearState ) {
$magicScopeVariable = $this->lock();
}
- // @phan-suppress-next-line PhanTypeMismatchArgumentNullable False positive
$this->startParse( $page, $options, self::OT_WIKI, $clearState );
$this->setUser( $user );
diff --git a/includes/specialpage/AuthManagerSpecialPage.php b/includes/specialpage/AuthManagerSpecialPage.php
index 359a63ee881..886214944e9 100644
--- a/includes/specialpage/AuthManagerSpecialPage.php
+++ b/includes/specialpage/AuthManagerSpecialPage.php
@@ -451,10 +451,12 @@ abstract class AuthManagerSpecialPage extends SpecialPage {
$status = Status::newFatal( new RawMessage( '$1', [ $status ] ) );
} elseif ( is_array( $status ) ) {
if ( is_string( reset( $status ) ) ) {
+ // @phan-suppress-next-line PhanParamTooFewUnpack
$status = Status::newFatal( ...$status );
} elseif ( is_array( reset( $status ) ) ) {
$ret = Status::newGood();
foreach ( $status as $message ) {
+ // @phan-suppress-next-line PhanParamTooFewUnpack
$ret->fatal( ...$message );
}
$status = $ret;
diff --git a/includes/specials/SpecialBlock.php b/includes/specials/SpecialBlock.php
index e2094d4b51c..6ff70f9d12c 100644
--- a/includes/specials/SpecialBlock.php
+++ b/includes/specials/SpecialBlock.php
@@ -201,6 +201,7 @@ class SpecialBlock extends FormSpecialPage {
[
'align' => 'top',
'errors' => array_map( function ( $errMsg ) {
+ // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness
return new OOUI\HtmlSnippet( $this->msg( ...$errMsg )->parse() );
}, $this->preErrors ),
]
diff --git a/includes/specials/SpecialUploadStash.php b/includes/specials/SpecialUploadStash.php
index ee70db7284b..c79674362c8 100644
--- a/includes/specials/SpecialUploadStash.php
+++ b/includes/specials/SpecialUploadStash.php
@@ -130,7 +130,6 @@ class SpecialUploadStash extends UnlistedSpecialPage {
$message = $e->getMessage();
}
- // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive
throw new HttpError( $code, $message );
}
diff --git a/includes/specials/forms/UploadForm.php b/includes/specials/forms/UploadForm.php
index bcb58a6b6db..4cc0f942d1a 100644
--- a/includes/specials/forms/UploadForm.php
+++ b/includes/specials/forms/UploadForm.php
@@ -172,7 +172,6 @@ class UploadForm extends HTMLForm {
$descriptor = [];
if ( $this->mTextTop ) {
$descriptor['UploadFormTextTop'] = [
- // @phan-suppress-next-line SecurityCheck-XSS mTextTop is raw html
'type' => 'info',
'section' => 'source',
'default' => $this->mTextTop,
@@ -339,7 +338,6 @@ class UploadForm extends HTMLForm {
];
if ( $this->mTextAfterSummary ) {
$descriptor['UploadFormTextAfterSummary'] = [
- // @phan-suppress-next-line SecurityCheck-XSS mTextAfterSummary is raw html
'type' => 'info',
'section' => 'description',
'default' => $this->mTextAfterSummary,
diff --git a/includes/upload/UploadFromChunks.php b/includes/upload/UploadFromChunks.php
index d71782c82cc..234ad1642c8 100644
--- a/includes/upload/UploadFromChunks.php
+++ b/includes/upload/UploadFromChunks.php
@@ -122,7 +122,6 @@ class UploadFromChunks extends UploadFromFile {
$this->getChunkStatus();
$metadata = $this->stash->getMetadata( $key );
- // @phan-suppress-next-line SecurityCheckMulti,SecurityCheck-PathTraversal
$this->initializePathInfo( $name,
$this->getRealPath( $metadata['us_path'] ),
$metadata['us_size'],
diff --git a/includes/upload/UploadFromStash.php b/includes/upload/UploadFromStash.php
index 8e2fac704ad..56ee1fff284 100644
--- a/includes/upload/UploadFromStash.php
+++ b/includes/upload/UploadFromStash.php
@@ -100,7 +100,6 @@ class UploadFromStash extends UploadBase {
* an opaque key to the user agent.
*/
$metadata = $this->stash->getMetadata( $key );
- // @phan-suppress-next-line SecurityCheck-PathTraversal
$this->initializePathInfo( $name,
$initTempFile ? $this->getRealPath( $metadata['us_path'] ) : false,
$metadata['us_size'],
diff --git a/includes/user/User.php b/includes/user/User.php
index b1201007c8d..c8cbfa7750a 100644
--- a/includes/user/User.php
+++ b/includes/user/User.php
@@ -871,6 +871,7 @@ class User implements Authority, UserIdentity, UserEmailContact {
if ( !$row ) {
// No user. Create it?
+ // @phan-suppress-next-line PhanImpossibleCondition
if ( !$options['create'] ) {
// No.
return null;
@@ -887,6 +888,7 @@ class User implements Authority, UserIdentity, UserEmailContact {
if ( !$user->isSystemUser() ) {
// User exists. Steal it?
+ // @phan-suppress-next-line PhanRedundantCondition
if ( !$options['steal'] ) {
return null;
}
diff --git a/maintenance/includes/MWDoxygenFilter.php b/maintenance/includes/MWDoxygenFilter.php
index 95037fc4445..92bde6497f0 100644
--- a/maintenance/includes/MWDoxygenFilter.php
+++ b/maintenance/includes/MWDoxygenFilter.php
@@ -19,7 +19,6 @@
*
* @file
* @ingroup Maintenance
- * @phan-file-suppress PhanInvalidCommentForDeclarationType False negative about `@var`
*/
/**
diff --git a/maintenance/includes/TextPassDumper.php b/maintenance/includes/TextPassDumper.php
index 48d99e20248..d80221eee39 100644
--- a/maintenance/includes/TextPassDumper.php
+++ b/maintenance/includes/TextPassDumper.php
@@ -703,6 +703,7 @@ TEXT
$failures++;
// A failure in a prefetch hit does not warrant resetting db connection etc.
+ // @phan-suppress-next-line PhanPossiblyUndeclaredVariable Control flow is hard to understand here.
if ( !$tryIsPrefetch ) {
// After backing off for some time, we try to reboot the whole process as
// much as possible to not carry over failures from one part to the other