From 947ff7c0f597b801acf699bd2e2d3c90c558d0f5 Mon Sep 17 00:00:00 2001 From: Daimona Eaytoy Date: Sat, 8 Oct 2022 14:12:34 +0200 Subject: [PATCH] build: Update mediawiki/mediawiki-phan-config to 0.12.0 This patch only adds and removes suppressions, which must be done in the same patch as the version bump. Bug: T298571 Change-Id: I4044d4d9ce82b3dae7ba0af85bf04f22cb1dd347 --- composer.json | 2 +- includes/GlobalFunctions.php | 1 - includes/OutputPage.php | 1 + includes/Rest/Handler/ParsoidHandler.php | 3 +++ includes/Title.php | 5 +---- includes/WebRequest.php | 2 -- includes/api/ApiBase.php | 3 --- includes/api/ApiEditPage.php | 1 + includes/api/ApiExpandTemplates.php | 1 + includes/api/ApiQueryRevisionsBase.php | 1 + includes/api/ApiUpload.php | 3 --- includes/auth/ButtonAuthenticationRequest.php | 2 ++ includes/block/BlockManager.php | 4 ---- includes/block/DatabaseBlock.php | 3 --- includes/diff/DifferenceEngineSlotDiffRenderer.php | 1 - includes/filerepo/file/File.php | 1 - includes/htmlform/fields/HTMLAutoCompleteSelectField.php | 1 - includes/htmlform/fields/HTMLCheckMatrix.php | 1 - includes/htmlform/fields/HTMLFormFieldCloner.php | 2 -- includes/installer/DatabaseInstaller.php | 1 - includes/installer/Installer.php | 1 - includes/installer/PostgresInstaller.php | 1 - includes/installer/WebInstaller.php | 2 -- includes/installer/WebInstallerOptions.php | 3 --- includes/libs/ArrayUtils.php | 1 - includes/libs/ParamValidator/TypeDef/UploadDef.php | 1 + includes/libs/WRStats/BagOStuffStatsStore.php | 4 ++++ includes/libs/mime/MimeAnalyzer.php | 1 - includes/libs/objectcache/wancache/WANObjectCache.php | 2 ++ includes/libs/rdbms/database/DatabaseSqlite.php | 1 - includes/libs/rdbms/dbal/MWMySQLPlatform.php | 4 ---- includes/libs/rdbms/dbal/MWPostgreSqlPlatform.php | 4 ---- includes/libs/rdbms/querybuilder/SelectQueryBuilder.php | 1 + includes/logging/LogEventsList.php | 1 + includes/media/BitmapHandler.php | 1 + includes/media/SvgHandler.php | 1 - includes/page/ImagePage.php | 2 -- includes/pager/IndexPager.php | 1 + includes/parser/CoreParserFunctions.php | 1 - includes/parser/CoreTagHooks.php | 1 + includes/parser/PPFrame_Hash.php | 1 - includes/parser/PPTemplateFrame_Hash.php | 1 - includes/parser/Parser.php | 6 ------ includes/specialpage/AuthManagerSpecialPage.php | 2 ++ includes/specials/SpecialBlock.php | 1 + includes/specials/SpecialUploadStash.php | 1 - includes/specials/forms/UploadForm.php | 2 -- includes/upload/UploadFromChunks.php | 1 - includes/upload/UploadFromStash.php | 1 - includes/user/User.php | 2 ++ maintenance/includes/MWDoxygenFilter.php | 1 - maintenance/includes/TextPassDumper.php | 1 + 52 files changed, 29 insertions(+), 64 deletions(-) diff --git a/composer.json b/composer.json index 9fe24973839..0473d973dde 100644 --- a/composer.json +++ b/composer.json @@ -88,7 +88,7 @@ "hamcrest/hamcrest-php": "^2.0", "johnkary/phpunit-speedtrap": "^4.0", "mediawiki/mediawiki-codesniffer": "39.0.0", - "mediawiki/mediawiki-phan-config": "0.11.1", + "mediawiki/mediawiki-phan-config": "0.12.0", "nikic/php-parser": "^4.10.2", "php-parallel-lint/php-console-highlighter": "1.0.0", "php-parallel-lint/php-parallel-lint": "1.3.2", diff --git a/includes/GlobalFunctions.php b/includes/GlobalFunctions.php index 4101eaecf02..d4d6bf7af35 100644 --- a/includes/GlobalFunctions.php +++ b/includes/GlobalFunctions.php @@ -1938,7 +1938,6 @@ function wfGetDB( $db, $groups = [], $wiki = false ) { function wfScript( $script = 'index' ) { global $wgScriptPath, $wgScript, $wgLoadScript; if ( $script === 'index' ) { - // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive return $wgScript; } elseif ( $script === 'load' ) { return $wgLoadScript; diff --git a/includes/OutputPage.php b/includes/OutputPage.php index 3b012d833ea..dd47d9d6fe6 100644 --- a/includes/OutputPage.php +++ b/includes/OutputPage.php @@ -3118,6 +3118,7 @@ class OutputPage extends ContextSource { $text .= ''; } else { $text .= "
\n" . + // @phan-suppress-next-line PhanParamTooFewUnpack Elements of $errors already annotated as non-empty $this->msg( ...reset( $errors ) )->plain() . "\n
"; } diff --git a/includes/Rest/Handler/ParsoidHandler.php b/includes/Rest/Handler/ParsoidHandler.php index 0a7833588ee..ccde74a6b71 100644 --- a/includes/Rest/Handler/ParsoidHandler.php +++ b/includes/Rest/Handler/ParsoidHandler.php @@ -794,7 +794,10 @@ abstract class ParsoidHandler extends Handler { ParsoidFormatHelper::setContentType( $response, ParsoidFormatHelper::FORMAT_HTML, $attribs['envOptions']['outputContentVersion'] ); $response->getBody()->write( $out ); + // @phan-suppress-next-next-line PhanTypeArraySuspiciousNullable $headers can't be null after the + // method call, but the docblock of wikitext2html doesn't say that. $response->setHeader( 'Content-Language', $headers['content-language'] ); + // @phan-suppress-next-line PhanTypeArraySuspiciousNullable Same. $response->addHeader( 'Vary', $headers['vary'] ); } diff --git a/includes/Title.php b/includes/Title.php index f2e1a28e57c..51a980c1882 100644 --- a/includes/Title.php +++ b/includes/Title.php @@ -804,7 +804,6 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject { $r0 = $d0; } // Do the output - // @phan-suppress-next-line PhanPluginRedundantAssignmentInLoop Confusing, $r1 is set later if ( $x0 !== '' && $x1 === '-' && $x2 !== '' ) { // Range if ( $ord2 > $ord0 ) { @@ -821,6 +820,7 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject { $out .= "$r2-$r0"; } // Reset state to the initial value + // @phan-suppress-next-line PhanPluginRedundantAssignmentInLoop $x0 = $x1 = $d0 = $d1 = $r0 = $r1 = ''; } elseif ( $ord2 < 0x80 ) { // ASCII character @@ -2271,7 +2271,6 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject { $url = false; $matches = []; - // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive $articlePaths = PathRouter::getActionPaths( $wgActionPaths, $wgArticlePath ); if ( $articlePaths @@ -2310,7 +2309,6 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject { if ( $query == '-' ) { $query = ''; } - // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive $url = "{$wgScript}?title={$dbkey}&{$query}"; } } @@ -2340,7 +2338,6 @@ class Title implements LinkTarget, PageIdentity, IDBAccessObject { */ public function getLinkURL( $query = '', $query2 = false, $proto = false ) { if ( $this->isExternal() || $proto !== false ) { - // @phan-suppress-next-line PhanTypeMismatchArgument $ret = $this->getFullURL( $query, $query2, $proto ); } elseif ( $this->getPrefixedText() === '' && $this->hasFragment() ) { $ret = $this->getFragmentForURL(); diff --git a/includes/WebRequest.php b/includes/WebRequest.php index 24a386ecd81..8819293983f 100644 --- a/includes/WebRequest.php +++ b/includes/WebRequest.php @@ -166,7 +166,6 @@ class WebRequest { $path = $a['path'] ?? ''; global $wgScript; - // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive if ( $path == $wgScript && $want !== 'all' ) { // Script inside a rewrite path? // Abort to keep from breaking... @@ -176,7 +175,6 @@ class WebRequest { $router = new PathRouter; // Raw PATH_INFO style - // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive $router->add( "$wgScript/$1" ); global $wgArticlePath; diff --git a/includes/api/ApiBase.php b/includes/api/ApiBase.php index d62955dd214..fc0b00812a5 100644 --- a/includes/api/ApiBase.php +++ b/includes/api/ApiBase.php @@ -1465,7 +1465,6 @@ abstract class ApiBase extends ContextSource { * @return never */ public function dieWithException( Throwable $exception, array $options = [] ) { - // @phan-suppress-previous-line PhanTypeMissingReturn $this->dieWithError( // @phan-suppress-next-line PhanTypeMismatchArgument $this->getErrorFormatter()->getMessageFromException( $exception, $options ) @@ -1482,7 +1481,6 @@ abstract class ApiBase extends ContextSource { * @return never */ public function dieBlocked( Block $block ) { - // @phan-suppress-previous-line PhanTypeMissingReturn // Die using the appropriate message depending on block type if ( $block->getType() == Block::TYPE_AUTO ) { $this->dieWithError( @@ -1544,7 +1542,6 @@ abstract class ApiBase extends ContextSource { * @return never */ public function dieReadOnly() { - // @phan-suppress-previous-line PhanTypeMissingReturn $this->dieWithError( 'apierror-readonly', 'readonly', diff --git a/includes/api/ApiEditPage.php b/includes/api/ApiEditPage.php index 1b2c038c8da..8762d0cbf8e 100644 --- a/includes/api/ApiEditPage.php +++ b/includes/api/ApiEditPage.php @@ -621,6 +621,7 @@ class ApiEditPage extends ApiBase { // errors on the status. // @codeCoverageIgnoreStart case EditPage::AS_SPAM_ERROR: + // @phan-suppress-next-line PhanTypePossiblyInvalidDimOffset $status->fatal( 'apierror-spamdetected', $result['spam'] ); break; case EditPage::AS_READ_ONLY_PAGE_LOGGED: diff --git a/includes/api/ApiExpandTemplates.php b/includes/api/ApiExpandTemplates.php index 26fdea2a2b0..15af39b1ca0 100644 --- a/includes/api/ApiExpandTemplates.php +++ b/includes/api/ApiExpandTemplates.php @@ -119,6 +119,7 @@ class ApiExpandTemplates extends ApiBase { if ( isset( $prop['parsetree'] ) || $params['generatexml'] ) { $this->parser->startExternalParse( $titleObj, $options, Parser::OT_PREPROCESS ); $dom = $this->parser->preprocessToDom( $params['text'] ); + // @phan-suppress-next-line PhanUndeclaredMethodInCallable if ( is_callable( [ $dom, 'saveXML' ] ) ) { // @phan-suppress-next-line PhanUndeclaredMethod $xml = $dom->saveXML(); diff --git a/includes/api/ApiQueryRevisionsBase.php b/includes/api/ApiQueryRevisionsBase.php index 3930811ed01..b03680270c6 100644 --- a/includes/api/ApiQueryRevisionsBase.php +++ b/includes/api/ApiQueryRevisionsBase.php @@ -580,6 +580,7 @@ abstract class ApiQueryRevisionsBase extends ApiQueryGeneratorBase { Parser::OT_PREPROCESS ); $dom = $parser->preprocessToDom( $t ); + // @phan-suppress-next-line PhanUndeclaredMethodInCallable if ( is_callable( [ $dom, 'saveXML' ] ) ) { // @phan-suppress-next-line PhanUndeclaredMethod $xml = $dom->saveXML(); diff --git a/includes/api/ApiUpload.php b/includes/api/ApiUpload.php index 4c048eb3c11..a6971bc0198 100644 --- a/includes/api/ApiUpload.php +++ b/includes/api/ApiUpload.php @@ -414,7 +414,6 @@ class ApiUpload extends ApiBase { * @return never */ private function dieRecoverableError( $errors, $parameter = null ) { - // @phan-suppress-previous-line PhanTypeMissingReturn $this->performStash( 'optional', $data ); if ( $parameter ) { @@ -441,7 +440,6 @@ class ApiUpload extends ApiBase { * @return never */ public function dieStatusWithCode( $status, $overrideCode, $moreExtraData = null ) { - // @phan-suppress-previous-line PhanTypeMissingReturn $sv = StatusValue::newGood(); foreach ( $status->getErrors() as $error ) { $msg = ApiMessage::create( $error, $overrideCode ); @@ -654,7 +652,6 @@ class ApiUpload extends ApiBase { * @return never */ protected function checkVerification( array $verification ) { - // @phan-suppress-previous-line PhanTypeMissingReturn switch ( $verification['status'] ) { // Recoverable errors case UploadBase::MIN_LENGTH_PARTNAME: diff --git a/includes/auth/ButtonAuthenticationRequest.php b/includes/auth/ButtonAuthenticationRequest.php index f6c7b6a5084..d82cb962c8f 100644 --- a/includes/auth/ButtonAuthenticationRequest.php +++ b/includes/auth/ButtonAuthenticationRequest.php @@ -103,6 +103,7 @@ class ButtonAuthenticationRequest extends AuthenticationRequest { } elseif ( is_string( $data['label'] ) ) { $data['label'] = new Message( $data['label'] ); } elseif ( is_array( $data['label'] ) && $data['label'] ) { + // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness from above $data['label'] = Message::newFromKey( ...$data['label'] ); } if ( !isset( $data['help'] ) ) { @@ -110,6 +111,7 @@ class ButtonAuthenticationRequest extends AuthenticationRequest { } elseif ( is_string( $data['help'] ) ) { $data['help'] = new Message( $data['help'] ); } elseif ( is_array( $data['help'] ) && $data['help'] ) { + // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness from above $data['help'] = Message::newFromKey( ...$data['help'] ); } $ret = new static( $data['name'], $data['label'], $data['help'] ); diff --git a/includes/block/BlockManager.php b/includes/block/BlockManager.php index 2fec68afa02..6109a8ec938 100644 --- a/includes/block/BlockManager.php +++ b/includes/block/BlockManager.php @@ -195,7 +195,6 @@ class BlockManager { } elseif ( count( $blocks ) === 1 ) { return $blocks[ 0 ]; } else { - // @phan-suppress-next-line SecurityCheck-DoubleEscaped return new CompositeBlock( [ 'address' => $ip, 'reason' => new Message( 'blockedtext-composite-reason' ), @@ -253,14 +252,12 @@ class BlockManager { if ( !in_array( $ip, $this->options->get( MainConfigNames::ProxyWhitelist ) ) ) { // Local list if ( $this->isLocallyBlockedProxy( $ip ) ) { - // @phan-suppress-next-line SecurityCheck-DoubleEscaped $blocks[] = new SystemBlock( [ 'reason' => new Message( 'proxyblockreason' ), 'address' => $ip, 'systemBlock' => 'proxy', ] ); } elseif ( $isAnon && $this->isDnsBlacklisted( $ip ) ) { - // @phan-suppress-next-line SecurityCheck-DoubleEscaped $blocks[] = new SystemBlock( [ 'reason' => new Message( 'sorbsreason' ), 'address' => $ip, @@ -272,7 +269,6 @@ class BlockManager { // Soft blocking if ( $isAnon && IPUtils::isInRanges( $ip, $this->options->get( MainConfigNames::SoftBlockRanges ) ) ) { - // @phan-suppress-next-line SecurityCheck-DoubleEscaped $blocks[] = new SystemBlock( [ 'address' => $ip, 'reason' => new Message( 'softblockrangesreason', [ $ip ] ), diff --git a/includes/block/DatabaseBlock.php b/includes/block/DatabaseBlock.php index 698dd48d030..cc0e2362d85 100644 --- a/includes/block/DatabaseBlock.php +++ b/includes/block/DatabaseBlock.php @@ -266,7 +266,6 @@ class DatabaseBlock extends AbstractBlock { $conds['ipb_address'][] = (string)$target; $conds['ipb_address'] = array_unique( $conds['ipb_address'] ); $conds[] = self::getRangeCond( IPUtils::toHex( $target ) ); - // @phan-suppress-next-line SecurityCheck-SQLInjection $conds = $db->makeList( $conds, LIST_OR ); break; @@ -274,7 +273,6 @@ class DatabaseBlock extends AbstractBlock { list( $start, $end ) = IPUtils::parseRange( $target ); $conds['ipb_address'][] = (string)$target; $conds[] = self::getRangeCond( $start, $end ); - // @phan-suppress-next-line SecurityCheck-SQLInjection $conds = $db->makeList( $conds, LIST_OR ); break; @@ -284,7 +282,6 @@ class DatabaseBlock extends AbstractBlock { } $blockQuery = self::getQueryInfo(); - // @phan-suppress-next-line SecurityCheck-SQLInjection $res = $db->select( $blockQuery['tables'], $blockQuery['fields'], diff --git a/includes/diff/DifferenceEngineSlotDiffRenderer.php b/includes/diff/DifferenceEngineSlotDiffRenderer.php index 0cbededab37..e371fb7d5af 100644 --- a/includes/diff/DifferenceEngineSlotDiffRenderer.php +++ b/includes/diff/DifferenceEngineSlotDiffRenderer.php @@ -54,7 +54,6 @@ class DifferenceEngineSlotDiffRenderer extends SlotDiffRenderer { /** @inheritDoc */ public function getDiff( Content $oldContent = null, Content $newContent = null ) { $this->normalizeContents( $oldContent, $newContent ); - // @phan-suppress-next-line PhanTypeMismatchArgumentNullable Null handled by normalizeContents return $this->differenceEngine->generateContentDiffBody( $oldContent, $newContent ); } diff --git a/includes/filerepo/file/File.php b/includes/filerepo/file/File.php index 5ff21b4a775..e139905c1e8 100644 --- a/includes/filerepo/file/File.php +++ b/includes/filerepo/file/File.php @@ -36,7 +36,6 @@ use MediaWiki\User\UserIdentity; * @ingroup FileAbstraction */ -// @phan-file-suppress PhanTypeMissingReturn false positives /** * Implements some public methods and some protected utility functions which * are required by multiple child classes. Contains stub functionality for diff --git a/includes/htmlform/fields/HTMLAutoCompleteSelectField.php b/includes/htmlform/fields/HTMLAutoCompleteSelectField.php index a2ac801cd0a..e861b28f82d 100644 --- a/includes/htmlform/fields/HTMLAutoCompleteSelectField.php +++ b/includes/htmlform/fields/HTMLAutoCompleteSelectField.php @@ -44,7 +44,6 @@ class HTMLAutoCompleteSelectField extends HTMLTextField { if ( array_key_exists( 'autocomplete-data-messages', $this->mParams ) ) { foreach ( $this->mParams['autocomplete-data-messages'] as $key => $value ) { - // @phan-suppress-next-line PhanTypeMismatchArgument False positive, $key is documented as string $key = $this->msg( $key )->plain(); $this->autocompleteData[$key] = strval( $value ); } diff --git a/includes/htmlform/fields/HTMLCheckMatrix.php b/includes/htmlform/fields/HTMLCheckMatrix.php index 71143d9c4ea..667c95330ba 100644 --- a/includes/htmlform/fields/HTMLCheckMatrix.php +++ b/includes/htmlform/fields/HTMLCheckMatrix.php @@ -99,7 +99,6 @@ class HTMLCheckMatrix extends HTMLFormField implements HTMLNestedFilterable { // Build the column headers $headerContents = Html::rawElement( 'td', [], "\u{00A0}" ); foreach ( $columns as $columnLabel => $columnTag ) { - // @phan-suppress-next-line PhanTypeMismatchArgument False positive, labels are documented as string $headerContents .= Html::rawElement( 'th', [], $columnLabel ); } $thead = Html::rawElement( 'tr', [], "\n$headerContents\n" ); diff --git a/includes/htmlform/fields/HTMLFormFieldCloner.php b/includes/htmlform/fields/HTMLFormFieldCloner.php index 8ae114548e9..dbf0bc2bdba 100644 --- a/includes/htmlform/fields/HTMLFormFieldCloner.php +++ b/includes/htmlform/fields/HTMLFormFieldCloner.php @@ -485,7 +485,6 @@ class HTMLFormFieldCloner extends HTMLFormField { } $template = $this->getInputHTMLForKey( $this->uniqueId, [] ); - // @phan-suppress-next-line SecurityCheck-DoubleEscaped data-template contains html, but that is okay here $html = Html::rawElement( 'ul', [ 'id' => "mw-htmlform-cloner-list-{$this->mID}", 'class' => 'mw-htmlform-cloner-ul', @@ -558,7 +557,6 @@ class HTMLFormFieldCloner extends HTMLFormField { } $template = $this->getInputOOUIForKey( $this->uniqueId, [] ); - // @phan-suppress-next-line SecurityCheck-DoubleEscaped data-template contains html, but that is okay here $html = Html::rawElement( 'ul', [ 'id' => "mw-htmlform-cloner-list-{$this->mID}", 'class' => 'mw-htmlform-cloner-ul', diff --git a/includes/installer/DatabaseInstaller.php b/includes/installer/DatabaseInstaller.php index 4ca26af4037..a36c066f119 100644 --- a/includes/installer/DatabaseInstaller.php +++ b/includes/installer/DatabaseInstaller.php @@ -229,7 +229,6 @@ abstract class DatabaseInstaller { $this->db->setFlag( DBO_DDLMODE ); $this->db->begin( __METHOD__ ); - // @phan-suppress-next-line SecurityCheck-PathTraversal False positive $error = $this->db->sourceFile( call_user_func( [ $this, $sourceFileMethod ], $this->db ) ); diff --git a/includes/installer/Installer.php b/includes/installer/Installer.php index 4c0c66df3d8..50156d31cc4 100644 --- a/includes/installer/Installer.php +++ b/includes/installer/Installer.php @@ -1377,7 +1377,6 @@ abstract class Installer { $info += $jsonStatus->value; } - // @phan-suppress-next-line SecurityCheckMulti return Status::newGood( $info ); } diff --git a/includes/installer/PostgresInstaller.php b/includes/installer/PostgresInstaller.php index ce9873d71fd..16fa630a16f 100644 --- a/includes/installer/PostgresInstaller.php +++ b/includes/installer/PostgresInstaller.php @@ -196,7 +196,6 @@ class PostgresInstaller extends DatabaseInstaller { $conn = $status->value; $conn->clearFlag( DBO_TRX ); $conn->commit( __METHOD__ ); - // @phan-suppress-next-line SecurityCheck-DoubleEscaped $this->pgConns[$type] = $conn; } diff --git a/includes/installer/WebInstaller.php b/includes/installer/WebInstaller.php index be561a9cb4b..a8067623bfa 100644 --- a/includes/installer/WebInstaller.php +++ b/includes/installer/WebInstaller.php @@ -261,7 +261,6 @@ class WebInstaller extends Installer { # Execute the page. $this->currentPageName = $page->getName(); - // @phan-suppress-next-line PhanTypeMismatchArgumentNullable pageName is not null here $this->startPageWrapper( $pageName ); if ( $page->isSlow() ) { @@ -275,7 +274,6 @@ class WebInstaller extends Installer { if ( $result == 'skip' ) { # Page skipped without explicit submission. # Skip it when we click "back" so that we don't just go forward again. - // @phan-suppress-next-line PhanTypeMismatchDimAssignment pageName is not null here $this->skippedPages[$pageName] = true; $result = 'continue'; } else { diff --git a/includes/installer/WebInstallerOptions.php b/includes/installer/WebInstallerOptions.php index 091a747e1f7..64b82516020 100644 --- a/includes/installer/WebInstallerOptions.php +++ b/includes/installer/WebInstallerOptions.php @@ -205,7 +205,6 @@ class WebInstallerOptions extends WebInstallerPage { } $skinHtml .= '
' . - // @phan-suppress-next-line SecurityCheck-DoubleEscaped $this->parent->getCheckBox( [ 'var' => "skin-$skin", 'rawtext' => $screenshotText, @@ -299,14 +298,12 @@ class WebInstallerOptions extends WebInstallerPage { } } - // @phan-suppress-next-line SecurityCheck-XSS $text = wfMessage( 'config-extensions-requires' ) ->rawParams( $ext, $wgLang->commaList( $links ) ) ->escaped(); } else { $text = $ext; } - // @phan-suppress-next-line SecurityCheck-DoubleEscaped $extHtml .= $this->parent->getCheckBox( [ 'var' => "ext-$ext", 'rawtext' => $text, diff --git a/includes/libs/ArrayUtils.php b/includes/libs/ArrayUtils.php index 0ea6f6c894f..a6fd4905541 100644 --- a/includes/libs/ArrayUtils.php +++ b/includes/libs/ArrayUtils.php @@ -89,7 +89,6 @@ class ArrayUtils { } } - // @phan-suppress-next-line PhanPossiblyUndeclaredVariable weight is non-empty and i is always set return $i; } diff --git a/includes/libs/ParamValidator/TypeDef/UploadDef.php b/includes/libs/ParamValidator/TypeDef/UploadDef.php index ec5ec1ce5e6..4449ded09a9 100644 --- a/includes/libs/ParamValidator/TypeDef/UploadDef.php +++ b/includes/libs/ParamValidator/TypeDef/UploadDef.php @@ -114,6 +114,7 @@ class UploadDef extends TypeDef { } else { $constant = ''; foreach ( get_defined_constants() as $c => $v ) { + // @phan-suppress-next-line PhanTypeComparisonFromArray if ( $v === $err && substr( $c, 0, 11 ) === 'UPLOAD_ERR_' ) { $constant = " ($c?)"; } diff --git a/includes/libs/WRStats/BagOStuffStatsStore.php b/includes/libs/WRStats/BagOStuffStatsStore.php index 15eee1c1908..eff03346e89 100644 --- a/includes/libs/WRStats/BagOStuffStatsStore.php +++ b/includes/libs/WRStats/BagOStuffStatsStore.php @@ -21,6 +21,10 @@ class BagOStuffStatsStore implements StatsStore { $this->cache = $cache; } + /** + * @inheritDoc + * @suppress PhanParamTooFewUnpack + */ public function makeKey( $prefix, $internals, $entity ) { if ( $entity->isGlobal() ) { return $this->cache->makeGlobalKey( diff --git a/includes/libs/mime/MimeAnalyzer.php b/includes/libs/mime/MimeAnalyzer.php index df03413ae41..201f726298a 100644 --- a/includes/libs/mime/MimeAnalyzer.php +++ b/includes/libs/mime/MimeAnalyzer.php @@ -600,7 +600,6 @@ class MimeAnalyzer implements LoggerAwareInterface { if ( str_starts_with( $head, $magic ) ) { $this->logger->info( __METHOD__ . ": magic header in $file recognized as $candidate" ); - // @phan-suppress-next-line PhanTypeMismatchReturn False positive return $candidate; } } diff --git a/includes/libs/objectcache/wancache/WANObjectCache.php b/includes/libs/objectcache/wancache/WANObjectCache.php index fce099a874e..208770b4988 100644 --- a/includes/libs/objectcache/wancache/WANObjectCache.php +++ b/includes/libs/objectcache/wancache/WANObjectCache.php @@ -2321,6 +2321,7 @@ class WANObjectCache implements * @since 1.27 */ public function makeGlobalKey( $collection, ...$components ) { + // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness return $this->cache->makeGlobalKey( ...func_get_args() ); } @@ -2335,6 +2336,7 @@ class WANObjectCache implements * @since 1.27 */ public function makeKey( $collection, ...$components ) { + // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness return $this->cache->makeKey( ...func_get_args() ); } diff --git a/includes/libs/rdbms/database/DatabaseSqlite.php b/includes/libs/rdbms/database/DatabaseSqlite.php index d02690c321a..9b598b2e592 100644 --- a/includes/libs/rdbms/database/DatabaseSqlite.php +++ b/includes/libs/rdbms/database/DatabaseSqlite.php @@ -782,7 +782,6 @@ class DatabaseSqlite extends Database { } } - // @phan-suppress-next-line SecurityCheck-SQLInjection SQL is taken from database $res = $this->query( $sqlCreateTable, $fname, diff --git a/includes/libs/rdbms/dbal/MWMySQLPlatform.php b/includes/libs/rdbms/dbal/MWMySQLPlatform.php index f1e473a57c3..167be2e4aa2 100644 --- a/includes/libs/rdbms/dbal/MWMySQLPlatform.php +++ b/includes/libs/rdbms/dbal/MWMySQLPlatform.php @@ -1,9 +1,5 @@ conds[] = $cond; } elseif ( isset( $this->conds[$key] ) ) { + // @phan-suppress-previous-line PhanTypeMismatchDimFetch // T288882 $this->conds[] = $this->db->makeList( [ $key => $cond ], IDatabase::LIST_AND ); diff --git a/includes/logging/LogEventsList.php b/includes/logging/LogEventsList.php index 916e4232426..662a9003c3f 100644 --- a/includes/logging/LogEventsList.php +++ b/includes/logging/LogEventsList.php @@ -683,6 +683,7 @@ class LogEventsList extends ContextSource { if ( $logBody ) { if ( $msgKey[0] ) { + // @phan-suppress-next-line PhanParamTooFewUnpack Non-emptiness checked above $msg = $context->msg( ...$msgKey ); if ( $page instanceof PageReference ) { $msg->page( $page ); diff --git a/includes/media/BitmapHandler.php b/includes/media/BitmapHandler.php index dc6a35ba23e..792dba3b94e 100644 --- a/includes/media/BitmapHandler.php +++ b/includes/media/BitmapHandler.php @@ -516,6 +516,7 @@ class BitmapHandler extends TransformationalImageHandler { if ( $useQuality && isset( $params['quality'] ) ) { $funcParams[] = $params['quality']; } + // @phan-suppress-next-line PhanParamTooFewInternalUnpack,PhanParamTooFewUnpack There are at least 2 args $saveType( ...$funcParams ); imagedestroy( $dst_image ); diff --git a/includes/media/SvgHandler.php b/includes/media/SvgHandler.php index 4d758729df1..c5a5a19e3a9 100644 --- a/includes/media/SvgHandler.php +++ b/includes/media/SvgHandler.php @@ -367,7 +367,6 @@ class SvgHandler extends ImageHandler { $err = wfShellExecWithStderr( $cmd, $retval, $env ); } } - // @phan-suppress-next-line PhanTypeMismatchArgumentNullable False positive $removed = $this->removeBadFile( $dstPath, $retval ); if ( $retval != 0 || $removed ) { // @phan-suppress-next-next-line PhanPossiblyUndeclaredVariable cmd is set when used diff --git a/includes/page/ImagePage.php b/includes/page/ImagePage.php index 1f08a1afee7..4b4876d8001 100644 --- a/includes/page/ImagePage.php +++ b/includes/page/ImagePage.php @@ -490,7 +490,6 @@ class ImagePage extends Article { [], [ 'page' => $page - 1 ] ); - // @phan-suppress-next-line SecurityCheck-DoubleEscaped link getting a key, false positive $thumb1 = Linker::makeThumbLinkObj( $this->getTitle(), $this->displayImg, @@ -511,7 +510,6 @@ class ImagePage extends Article { [], [ 'page' => $page + 1 ] ); - // @phan-suppress-next-line SecurityCheck-DoubleEscaped link getting a key, false positive $thumb2 = Linker::makeThumbLinkObj( $this->getTitle(), $this->displayImg, diff --git a/includes/pager/IndexPager.php b/includes/pager/IndexPager.php index 57f60e7e562..4a9f3398e01 100644 --- a/includes/pager/IndexPager.php +++ b/includes/pager/IndexPager.php @@ -830,6 +830,7 @@ abstract class IndexPager extends ContextSource implements Pager { if ( $declaringClass !== __CLASS__ ) { // Overriding makeLink() is deprecated since 1.39 $navBuilder->setMakeLinkCallback( function ( ...$args ) { + // @phan-suppress-next-line PhanParamTooFewUnpack return $this->makeLink( ...$args ); } ); } diff --git a/includes/parser/CoreParserFunctions.php b/includes/parser/CoreParserFunctions.php index 94cb9a3f210..ac69387d3ee 100644 --- a/includes/parser/CoreParserFunctions.php +++ b/includes/parser/CoreParserFunctions.php @@ -531,7 +531,6 @@ class CoreParserFunctions { wfMessage( 'duplicate-displaytitle', // Message should be parsed, but these params should only be escaped. $converter->markNoConversion( wfEscapeWikiText( $old ) ), - // @phan-suppress-next-line SecurityCheck-DoubleEscaped we removed escaping above $converter->markNoConversion( wfEscapeWikiText( $filteredText ) ) )->inContentLanguage()->text() . ''; diff --git a/includes/parser/CoreTagHooks.php b/includes/parser/CoreTagHooks.php index 01bf5aa7cad..da2b98525d2 100644 --- a/includes/parser/CoreTagHooks.php +++ b/includes/parser/CoreTagHooks.php @@ -83,6 +83,7 @@ class CoreTagHooks { [ '>', '<' ], $content ); + // @phan-suppress-next-line SecurityCheck-XSS Ad-hoc escaping above. return Html::rawElement( 'pre', $attribs, $content ); } diff --git a/includes/parser/PPFrame_Hash.php b/includes/parser/PPFrame_Hash.php index d85a251b345..4e34f9c82b8 100644 --- a/includes/parser/PPFrame_Hash.php +++ b/includes/parser/PPFrame_Hash.php @@ -148,7 +148,6 @@ class PPFrame_Hash implements PPFrame { } } } - // @phan-suppress-next-line SecurityCheck-XSS taint track for keys in named args, false positive return new PPTemplateFrame_Hash( $this->preprocessor, $this, $numberedArgs, $namedArgs, $title ); } diff --git a/includes/parser/PPTemplateFrame_Hash.php b/includes/parser/PPTemplateFrame_Hash.php index 7acb396804e..4f2af0fbbdd 100644 --- a/includes/parser/PPTemplateFrame_Hash.php +++ b/includes/parser/PPTemplateFrame_Hash.php @@ -174,7 +174,6 @@ class PPTemplateFrame_Hash extends PPFrame_Hash { if ( !isset( $this->namedExpansionCache[$name] ) ) { # Trim named arguments post-expand, for backwards compatibility $this->namedExpansionCache[$name] = trim( - // @phan-suppress-next-line SecurityCheck-XSS $this->parent->expand( $this->namedArgs[$name], PPFrame::STRIP_COMMENTS ) ); } return $this->namedExpansionCache[$name]; diff --git a/includes/parser/Parser.php b/includes/parser/Parser.php index cc175f6b9fa..d85a01d3cdb 100644 --- a/includes/parser/Parser.php +++ b/includes/parser/Parser.php @@ -690,7 +690,6 @@ class Parser { // Strip U+0000 NULL (T159174) $text = str_replace( "\000", '', $text ); - // @phan-suppress-next-line PhanTypeMismatchArgumentNullable False positive $this->startParse( $page, $options, self::OT_HTML, $clearState ); $this->currentRevisionCache = null; @@ -2225,7 +2224,6 @@ class Parser { # This means that users can paste URLs directly into the text # Funny characters like รถ aren't valid in URLs anyway # This was changed in August 2004 - // @phan-suppress-next-line SecurityCheck-XSS,SecurityCheck-DoubleEscaped using false for escape is valid $s .= Linker::makeExternalLink( $url, $text, false, $linktype, $this->getExternalLinkAttribs( $url ), $this->getTitle() ) . $dtrail . $trail; @@ -3326,11 +3324,9 @@ class Parser { # Replace raw HTML by a placeholder if ( $isHTML ) { - // @phan-suppress-next-line SecurityCheck-XSS Mixed mode, here html and safe $text = $this->insertStripItem( $text ); } elseif ( $nowiki && ( $this->ot['html'] || $this->ot['pre'] ) ) { # Escape nowiki-style return values - // @phan-suppress-next-line SecurityCheck-DoubleEscaped Mixed mode, here html and safe $text = wfEscapeWikiText( $text ); } elseif ( is_string( $text ) && !$piece['lineStart'] @@ -4469,7 +4465,6 @@ class Parser { // be able to convert that piece of data. // Gets replaced with html in ParserOutput::getText $editlink = ''; } else { @@ -4583,7 +4578,6 @@ class Parser { if ( $clearState ) { $magicScopeVariable = $this->lock(); } - // @phan-suppress-next-line PhanTypeMismatchArgumentNullable False positive $this->startParse( $page, $options, self::OT_WIKI, $clearState ); $this->setUser( $user ); diff --git a/includes/specialpage/AuthManagerSpecialPage.php b/includes/specialpage/AuthManagerSpecialPage.php index 359a63ee881..886214944e9 100644 --- a/includes/specialpage/AuthManagerSpecialPage.php +++ b/includes/specialpage/AuthManagerSpecialPage.php @@ -451,10 +451,12 @@ abstract class AuthManagerSpecialPage extends SpecialPage { $status = Status::newFatal( new RawMessage( '$1', [ $status ] ) ); } elseif ( is_array( $status ) ) { if ( is_string( reset( $status ) ) ) { + // @phan-suppress-next-line PhanParamTooFewUnpack $status = Status::newFatal( ...$status ); } elseif ( is_array( reset( $status ) ) ) { $ret = Status::newGood(); foreach ( $status as $message ) { + // @phan-suppress-next-line PhanParamTooFewUnpack $ret->fatal( ...$message ); } $status = $ret; diff --git a/includes/specials/SpecialBlock.php b/includes/specials/SpecialBlock.php index e2094d4b51c..6ff70f9d12c 100644 --- a/includes/specials/SpecialBlock.php +++ b/includes/specials/SpecialBlock.php @@ -201,6 +201,7 @@ class SpecialBlock extends FormSpecialPage { [ 'align' => 'top', 'errors' => array_map( function ( $errMsg ) { + // @phan-suppress-next-line PhanParamTooFewUnpack Should infer non-emptiness return new OOUI\HtmlSnippet( $this->msg( ...$errMsg )->parse() ); }, $this->preErrors ), ] diff --git a/includes/specials/SpecialUploadStash.php b/includes/specials/SpecialUploadStash.php index ee70db7284b..c79674362c8 100644 --- a/includes/specials/SpecialUploadStash.php +++ b/includes/specials/SpecialUploadStash.php @@ -130,7 +130,6 @@ class SpecialUploadStash extends UnlistedSpecialPage { $message = $e->getMessage(); } - // @phan-suppress-next-line PhanPossiblyUndeclaredVariable False positive throw new HttpError( $code, $message ); } diff --git a/includes/specials/forms/UploadForm.php b/includes/specials/forms/UploadForm.php index bcb58a6b6db..4cc0f942d1a 100644 --- a/includes/specials/forms/UploadForm.php +++ b/includes/specials/forms/UploadForm.php @@ -172,7 +172,6 @@ class UploadForm extends HTMLForm { $descriptor = []; if ( $this->mTextTop ) { $descriptor['UploadFormTextTop'] = [ - // @phan-suppress-next-line SecurityCheck-XSS mTextTop is raw html 'type' => 'info', 'section' => 'source', 'default' => $this->mTextTop, @@ -339,7 +338,6 @@ class UploadForm extends HTMLForm { ]; if ( $this->mTextAfterSummary ) { $descriptor['UploadFormTextAfterSummary'] = [ - // @phan-suppress-next-line SecurityCheck-XSS mTextAfterSummary is raw html 'type' => 'info', 'section' => 'description', 'default' => $this->mTextAfterSummary, diff --git a/includes/upload/UploadFromChunks.php b/includes/upload/UploadFromChunks.php index d71782c82cc..234ad1642c8 100644 --- a/includes/upload/UploadFromChunks.php +++ b/includes/upload/UploadFromChunks.php @@ -122,7 +122,6 @@ class UploadFromChunks extends UploadFromFile { $this->getChunkStatus(); $metadata = $this->stash->getMetadata( $key ); - // @phan-suppress-next-line SecurityCheckMulti,SecurityCheck-PathTraversal $this->initializePathInfo( $name, $this->getRealPath( $metadata['us_path'] ), $metadata['us_size'], diff --git a/includes/upload/UploadFromStash.php b/includes/upload/UploadFromStash.php index 8e2fac704ad..56ee1fff284 100644 --- a/includes/upload/UploadFromStash.php +++ b/includes/upload/UploadFromStash.php @@ -100,7 +100,6 @@ class UploadFromStash extends UploadBase { * an opaque key to the user agent. */ $metadata = $this->stash->getMetadata( $key ); - // @phan-suppress-next-line SecurityCheck-PathTraversal $this->initializePathInfo( $name, $initTempFile ? $this->getRealPath( $metadata['us_path'] ) : false, $metadata['us_size'], diff --git a/includes/user/User.php b/includes/user/User.php index b1201007c8d..c8cbfa7750a 100644 --- a/includes/user/User.php +++ b/includes/user/User.php @@ -871,6 +871,7 @@ class User implements Authority, UserIdentity, UserEmailContact { if ( !$row ) { // No user. Create it? + // @phan-suppress-next-line PhanImpossibleCondition if ( !$options['create'] ) { // No. return null; @@ -887,6 +888,7 @@ class User implements Authority, UserIdentity, UserEmailContact { if ( !$user->isSystemUser() ) { // User exists. Steal it? + // @phan-suppress-next-line PhanRedundantCondition if ( !$options['steal'] ) { return null; } diff --git a/maintenance/includes/MWDoxygenFilter.php b/maintenance/includes/MWDoxygenFilter.php index 95037fc4445..92bde6497f0 100644 --- a/maintenance/includes/MWDoxygenFilter.php +++ b/maintenance/includes/MWDoxygenFilter.php @@ -19,7 +19,6 @@ * * @file * @ingroup Maintenance - * @phan-file-suppress PhanInvalidCommentForDeclarationType False negative about `@var` */ /** diff --git a/maintenance/includes/TextPassDumper.php b/maintenance/includes/TextPassDumper.php index 48d99e20248..d80221eee39 100644 --- a/maintenance/includes/TextPassDumper.php +++ b/maintenance/includes/TextPassDumper.php @@ -703,6 +703,7 @@ TEXT $failures++; // A failure in a prefetch hit does not warrant resetting db connection etc. + // @phan-suppress-next-line PhanPossiblyUndeclaredVariable Control flow is hard to understand here. if ( !$tryIsPrefetch ) { // After backing off for some time, we try to reboot the whole process as // much as possible to not carry over failures from one part to the other