Introduce a temporary feature flag that will be used to display
Special:Block UI in Codex.
Bug: T358153
Change-Id: I74bc90af986ac2f429a952a19b6edf4fb02c5618
After the deployment of the updated mediawiki.cookie module, the
configuration variable can be safely removed.
Bug: T344791
Change-Id: Idf3b3ef521ef2ac368c3f575f99bf4c6da7baa82
Not to be confused with $wgOpenSearchTemplates (plural)
Soft-deprecated since 1.25 and hard-deprecated since at least
I9776d11d4e2d184 (1.39).
Not set in production.
Change-Id: I6a95b9e0e2b74bb44d51c375a62886761ec9ea88
This is used to (among other things) detect lang tags in multilingual
SVGs. Users have complained that lang tags are often missed in large
SVG files.
The cut-off is used for two things during upload:
* Run some (simple) regexes to detect <?xml header
* Use XMLReader (with entity substitution enabled!) to look for specific tags.
The first check doesn't make sense to use a configurable cut off. Change
it to look at the first 4096 bytes only. The <?xml header is required to be
the first thing in the file other than BOM, so this should be more than
sufficient. XML parsers give a fatal error if there is whitespace before
the <?xml declaration.
It seems unlikely to be problematic to use XMLReader on up to 5MB of the file,
since that is a "pull" XML parser, and won't load the entire file at once.
The code that cuts off the SVG at the 5MB mark likely uses more memory
than parsing the file does. In fact, we separately use XMLReader to do
security checks with no such cut-off, so potentially it could even make sense
to remove the cut-off entirely, since clearly parsing the full file is not
causing problems.
Bug: T270889
Change-Id: I7350918647d92c40934a7c86e906b6bfb8a40ada
The array_merge_recursive merge strategy is not intuitive and not
recommended. It does not appear to be used in any of the extensions
or skins that codesearch is aware of. To prevent confusion and
accidental use of array_merge_recursive when the behavior of
array_replace_recursive is likely desired, the array_merge_recursive
merge strategy is deprecated by this patch.
Bug: T292602
Change-Id: Ia0b861c308e6c7b4d40994af4c535ffdfa2b9ff5
* Deprecate the wgUseSameSiteLegacyCookies configuration variable and
imply false (the previous default).
* Deprecate WebRequest::getCrossSiteCookie(), which was introduced to
support this feature.
* Ignore the sameSiteLegacy option if it is passed to
WebResponse::setCookie() or mediawiki.cookie.set(). The configuration
variable can't be removed until the after the JS change is deployed.
Bug: T344791
Change-Id: I30392ebc02809bc6b6ee2070d3e468e48d5d1fae
Why:
* The wgEnablePartialActionBlocks config is marked as unstable,
but also as to be removed before 1.38.
* This is no longer the case as this config is present in 1.42 and
as such this should be removed and instead still indicate this
is unstable without listing a release version for this config.
What:
* Reword the @unstable tag for the wgEnablePartialActionBlocks
to no longer reference a specific release version.
Bug: T280531
Change-Id: I317cd07c42aa59c6a45bf7403fdc79a363880bb5
MediaWiki UI has never really made it out of beta before being
deprecated. Legacy code using plain HTML forms doesn't need it;
new code can be written using Codex.
Bug: T182050
Change-Id: Ib9966bc6a4a94f771cb99a5aa52fb6a1dc826ca5
Soft-deprecated since 1.26 and hard-deprecated since at least
I9776d11d4e2d184 (1.39).
Not set in production.
Change-Id: I55e4569c5a40f77a719bc7ab1924eaa706e0da53
Soft-deprecated since 1.35 and hard-deprecated since at least
I9776d11d4e2d184 (1.39).
Not set in production.
Change-Id: I68b68ffcdff22daafad34c186d1cc609dcecbf32
Soft-deprecated since 1.33 and hard-deprecated since at least
I9776d11d4e2d184 (1.39). It's already noop in the code.
Not set in production.
Change-Id: I5895bc4dae9620d53c37188662e21bf01ae7bd85
Soft-deprecated since 1.37 and hard-deprecated since at least
I9776d11d4e2d184 (1.39)
Not set in production.
Change-Id: I0b25e89d1652dfa697ab1176a1e2b6ca3163bdab
It has been deprecated since 1.35, hard deprecated since at least I9776d11d4e2d184
No grep result in wmf-config
Change-Id: I2c67bab3e3212f25a0cbce7301f5e32a082f76da
Some less trivial cases. Also update variable names.
This doesn't really change anything, but I hope it helps promote
getConnectionProvider() as the common way to do this.
Follow-up to 8604c384f6.
Change-Id: I6657d783375fac5c7fa856b884ff1fb09285e94c
Add a user preference to allow the user to enable or disable
EditRecovery.
Set the default as disabled.
Bug: T350653
Change-Id: Ibbb59eb84f1dd0b40f9576e048f2ac76044f9014
Use ObjectFactory specifications instead of class names in
$wgLogActionHandlers, like in most other places. Class name
support is retained for B/C.
Also remove old LogPage code that assumed $wgLogActionsHandlers
is an array of callables. This is how $wgLogActionsHandlers was
defined in b6d72cfeb2, but then
4ac56c2466 redefined it to an
array of classnames (and I6846ce0 adjusted the documentation),
and the old functionality has been broken since.
Make LogFormatter::__construct() public so subclasses can be
created in the service wiring.
Technically this is a breaking change since there is no
guarantee existing formatter classes are publicly creatable,
but there is no way to issue a deprecation warning about that,
and it isn't really covered by the stable interface policy.
All non-public constructors found by codesearch are fixed in
companion patches.
Bug: T54220
Change-Id: I72427a4b3f4be1c3c1eb3522a8b58fe9445a3397
Depends-On: Ie691e8d59141f696619dce8f756645c45a3e943a
Depends-On: I41562247d51f4f9fe8dafed37ba2ad81c881d99d
Why:
* There is a need to update the generation and match pattern on
WMF wikis to a new format that includes the year and starts with
`~`. As such, the 'matchPattern' key needs to be updated.
* Removing the old 'matchPattern' from the wgAutoCreateTempUser
config currently leaves existing temporary accounts as no longer
recongnised as temporary accounts.
* Instead, the 'matchPattern' needs to be able to take an array of
string patterns so that old patterns can still be used for matching.
What:
* Update the MainConfigSchama to indicate that 'matchPattern' in the
wgAutoCreateTempUser config can be an array of strings.
* Add TempUserConfig::getMatchPatterns and deprecate TempUserConfig::
getMatchPattern. This is needed because ::getMatchPattern was typed
to only ever return one Pattern, which is no longer the case with this
config change.
* Update the RealTempUserConfig to support multiple patterns defined in
the 'matchPattern' key. The RealTempUserConfig::getMatchPattern method
returns the pattern or first pattern if multiple are defined to allow
time for existing usages of this deprecated method to be updated.
* Update the RealTempUserConfig to rely on other methods instead of checking
object property values where possible (e.g. use ::isEnabled instead of
checking $this->enabled) to allow easier unit testing.
* Update UserSelectQueryBuilder and ChangesListSpecialPage to use TempUserConfig
::getMatchPatterns instead of ::getMatchPattern.
* Update mediawiki.util/util.js to be able to parse the 'matchPattern' value
when it is an array of strings.
* Update maintenance/userOptions.php to use ::getMatchPatterns instead of
::getMatchPattern.
* Add and update unit and integration tests for the new code, as well as
expanding coverage over existing code that was indirectly affected.
Bug: T354619
Change-Id: I3763daefe4dc7c76370bd934fb20452591c9c762
User options saved to the database and retrieved get converted
to strings, but defaults and set but not yet saved vaues don't.
This behavior can be confusing.
When a value equal to the default is set for a given user, that
value won't be written to the database; defaults are represented
by the lack of a database row. This behavior can also be
confusing.
Update the phpdoc of some user preferences related methods and
variables to make these things clearer.
Change-Id: I32a18b30f007c97015e6d641379ce60ab6ac7ed7
INSERT IGNORE when inserting NULL into a non-nullable field will succeed
with a warning on MySQL but fail on PostgreSQL. In any case, it's
probably harmful and unintended. But to check the error code of MySQL
warnings, you need to query the server with SHOW WARNINGS, so there is a
performance cost.
So, add a configuration variable which, when enabled, checks warnings
after INSERT to see if there were any null type constraint errors. Set
it to true in DevelopmentSettings.php and TestSetup.php.
Change-Id: I5e47e2d3cc7e0f804036e11b512b1e3b76804432
Follows-up I8518e0488 (9c02258a04).
Instead of documenting how to compute the number to manually verify
it, use the expression directly. This should make it significantly
easier to understand, verify, and modify.
Noteworthy:
* Language.php, I kept 31_556_952 as-is because the
calculation would otherwise involve a float. It also has the benefit
of allowing the long durations to build upon that as a given number.
* SqlBlobStore.php, remove this irrelevant default value as it is
unreachable. The only call to new SqlBlobStore is BlobStoreFactory,
which always calls setCacheExpiry. For back-compat and to keep
tests as-is, move to re-used constant between class and config.
Change-Id: I86b034883bd7efdf93b8365b43178af826f1c703
* Log a message when thumbnailing is attempted but disableLocalTransform
is set in configuration. There is already a similar log entry in
thumb.php but it was missing for other callers.
* Update the config docs.
Change-Id: If4c02b831989e6183b72384e676cddeab1dcf41e
Why:
Sometimes, it is necessary to have different behavior
for newly registered and existing users. For example,
this happens in the Echo or GrowthExperiments extensions.
As of now, this behavior is implemented by inserting
user_properties rows in onLocalUserCreated.
Over time, this results in a singificant amount of rows
inserted, which contributes to the user_properties table bloat,
which is already overly large (cf. T54777). This patch makes it
possible to remove such rows by supporting conditional defaults
for user properties.
What:
Add support for conditional defaults of user properties. This can be
configured via `ConditionalUserOptions` config option.
Bug: T321527
Change-Id: I1549c3137e66801c85e03e46427e27da333d68e2
Why:
* Part of a temporary user name is generated from an index that
increments, which is stored in the database.
* As specified in T345855, the index will be restarted each year.
* Also specified in T345855, the year will be included in
generated temporary user names.
What:
* Since the year must be included in the name in order to avoid
naming conflicts if the index is restarted each year, both are
implemented together and controlled by a single config.
* Add a new config option that, when true, restarts the name
generation index at the start of each year and add the year into
the user name: $wgAutoCreateTempUser['serialProvider']['useYear']
* Add a uas_year column to the user_autocreate_serial table, which
is unique in combination with uas_shard, so the index can be
stored for each shard/year combination.
* The year is added into the username just after the prefix, as
specified in T345855. This is based on research that having the
year near the start of the name aids understanding that the
names are not IP addresses. The position of the year within the
name is therefore not configurable (though whether to include
it is). See T345855 for the research.
Bug: T349494
Bug: T349501
Depends-On: I6b3c640a4e74f52fd4a4f46de5a2cbe80fe3b665
Change-Id: If51acb3f4efa361ce36d919c862a52501a5a7d24
Why:
* Naming conflicts may arise on autocreation.
* For example, when generating temporary user names, the config
wgAutoCreateTempUser['serialMapping']['type'] determines how
the unique, numerical part of the name is generated, and naming
conflicts may arise when changing types.
* Specifically we encountered the case of changing the
$wgAutoCreateTempUser['serialMapping']['type'] from 'scramble'
to 'plain-numeric'.
* In general conflict could be avoided in 'plain-numeric' mode if
the highest number used in an existing username is known, by
adding an offset.
What:
* Handle an 'offset' config option in PlainNumericSerialMapping to
allow avoiding conflicts.
Bug: T353545
Change-Id: Id2f9a5b5cc808ce859b93b597cf7ea0efcd9e269
