Part of the soft deprecated revision class, no known callers outside of a test, which hide the deprecation
Bug: T246284
Change-Id: I7b80c7e51e26845d2703d1dc5434baf9d0744d11
Part of the soft deprecated revision class, no known callers outside
of EditPage, which is updated, and tests, which hide the deprecation
Bug: T246284
Change-Id: I099cb93a12f3a1d9a720e18e3236374321ce7b0c
blob: is basically a fancy version of eval(), commonly used with
web workers. We currently allow eval() ('unsafe-eval'), so we
might as well include blob. If we try and lock-down eval() at
some later point, we can re-evaluate this decision.
AFAIK, blob: urls are currently used with web workers in
NavigationTiming and CodeEditor extensions.
Bug: T245981
Change-Id: I3c44286e140ddfe2d3abd31428e0770ff5531e37
$wgVersion is not a configuration variable, it should never be
changed at run-time.
While we've gone in the route of class constants for most constants,
this one will not benefit from class-autoloading since it needs to
be present from the very beginning.
MW_VERSION is named similarly as PHP_VERSION, and $wgVersion is
now soft-deprecated.
Bug: T212738
Change-Id: I04628de4152dd5c72646813e08ff35e422e265a4
Also replace uses. Some callers had a user that could be null;
RevisionRecord::userCanBitfield requires a user, so add $wgUser
fallbacks at the callers with soft deprecations for using them,
and will hard deprecate in a subsequent task.
Bug: T245958
Change-Id: I137e21e3883b149fdd98d1b59d4e498d15b39dd9
MediaWiki provides at least a dozen distinct ways that debug logs
can be generated, augmented and displayed, and even more ways
for profiling information can be collected. This makes it difficult
to reason about overall and isn't helping with on-boarding.
Reduce investments to only a few methods and make them great,
starting by removing possibly the least useful profiler we have
today (relative to the others we've developed since then),
which is the "relative timestamps and memory use" prepended
to wfDebug messages, which would presumably be used in conjuction
with $wgDebugComments, $wgDebugToolbar or $wgDebugLogFile of
which the latter two already includes timestamps and/or offsets.
If this is truly useful, I suggest we (unconditionally) make use
of offsets in (one of) those instead.
Originally introduced in r61582 (b1e2b87b95).
Change-Id: I09d1cb0d3f5b0b3165ed4d299b71c051b78a1918
* Where possible and easy to figure out, change `array` to something like
`array<K,V>` or `V[]` for improved static analysis to catch/prevent
regressions in CI.
* Minor doc improvements:
- consistently use the imperative mood for method briefs,
- consistently use @internal instead of @private,
- explain in @throws why they happen to inform when they should be caught
(and remove if they are not meant to be caught/handled by any caller).
* Simplify addSources() implementation as a simple loop instead recursing
(not worth the complexity, only called once or twice at runtime).
* Use more granular exceptions to distinguish between errors that indicate
a mistake on the caller (logic/invalid arguments error), and runtime
errors (which are more circumstantial).
* Update register() unit test for bad 'moduleInfo' type to use
a nested value, given that the second-parameter level type is
now verified by the signature already.
Change-Id: Id98ba1f28cb7f1c72f0a3e82f4151bcbd0f3db77
Follows-up d4045035b0.
This class was added to the MediaWiki\Special namespace, contrary to the
plan in T166010 which reserves that namespace for core special pages.
Instead, use MediaWiki\SpecialPage, following the directory in which it
is located.
Also, fix two bugs which prevented the introduction of a namespaced
class alias.
Bug: T166010
Change-Id: I6e31340aaae32a89beb7e45b79d76a7fea9808d2
* Make use of assertGreaterThan() where possible.
* Use the more trivial assertSame() for arrays with only 0 or 1
elements.
* Flip a few assertions where the expected and actual value have been
flipped.
* Remove some unused function arguments.
Change-Id: I1d3b5dd55736931fa484065a4aa8d7e336980682
Not passing a user to the following functions is deprecated:
* Title::getNotificationTimestamp
* Revision::newNullRevision
* WikiPage::insertProtectNullRevision
* PatrolLog::record
* LogEventsList::userCan
* LogEventsList::userCanBitfield
* LogEventsList::userCanViewLogType
* LogPage::addEntry
Bug: T242935
Bug: T243652
Change-Id: I8990bc16ac72680fb65f8ca37eb7908749a9e5cc
In VisualEditor, when the user is saving their edit, we want to ensure
that they understand how their edit will be attributed. Therefore, if
the user gets logged out or logs in in another tab, we want to display
a message about it before saving.
We've been detecting this situation by manually managing tokens and
handling the 'badtoken' error, but our code would be much simpler and
it would be possible to share it with other extensions if we could
instead rely on automatic retrying in mw.Api#postWithToken and use
'assertuser' and 'assert' parameters. 'assert=anon' is the only
feature we're missing.
Bug: T245327
Change-Id: I485f99e1f5f493262b0c9af22370da01adf1e09c
IPs and external names could still have an actor ID. Don't return a
UserIdentityValue with the actor ID set to zero for these.
For now, that means we'll always return a User object since those have
the logic to fill in missing fields.
Bug: T245652
Change-Id: I7df3629d2c892b61f61f763db099be9974ec7f07
<object> and <embed> are from a mostly bygone era. They often can
be used to evade CSP rules, and are often a soft spot for browser
security.
The default value of 'none', disables <object>, <embed>. In some
browsers this will also disable loading some file formats like
pdf directly in an iframe.
The only use I am aware of is in TimedMediaHandler. However, it seems
like the mw.EmbedPlayerGeneric, mw.EmbedPlayerKplayer, and
mw.EmbedPlayerVlc.js are no longer used.
Bug: T239051
Change-Id: Iae7ab1f5b7c422803782848c787bc1a4c6339913
I find most uses of array_filter(), array_reduce(), etc. to be
excessively clever, i.e. they are used to prove how smart the
developer is, at the expense of readability and performance. So I am
pleased to have a defensible reason to remove these instances, which
broke PHPStorm's type propagation.
Change-Id: I03dcd6c3c80f19f90e7b39448b5508713da63806
