XmlTypeCheck's use of xml_parse for filtering SVG's sometimes left xml
entities unexpanded, which can lead to false-negatives when the
callback was used for filtering. Update XmlTypeCheck to use XMLReader
instead, tell the library to fully expand entities, and rely on the
library to error out if it encounters XML that is likely to cause a DoS
if parsed.
Bug: T88310
Change-Id: I77c77a2d6d22f549e7ef969811f7edd77a45dbba
* Remove redundant @licence/@license from test suite files.
They already have full licence headers. And @licence raises a
warning in Doxygen.
* Fix weird messes of comments inside comments and other things.
Change-Id: I38da8ca76330f72b8dc22b0ecf1ea69d5ea55ede
This drops support for the custom utf8 normal PHP extension in favor
of the intl extension.
Bug: T90825
Change-Id: Ifbaeb2ef684217cf6187ccc4fb4d303f89608300
Extensions and skins should already be adding their credits through
$wgExtensionCredits, meaning that they would be duplicated in the
"Installed libraries" section.
Anything that has a type that begins with "mediawiki-" will now
be skipped.
Release notes were added for this commit and 528297f8db.
Change-Id: Ie873b16c1a8a696c7de833ae69b263161d9e15a8
Checks whether your composer.lock file is up to date
with the current composer.json file.
Bug: T77388
Change-Id: I528d63172c238cf1ea9bc02e8eb39b93225865de
This was used in 2 special classes, the logger classes and spread
to a few other random classes.
Afaik this has no meaning. Is for something we don't use, and
goes against the meaning of '@section' in Doxygen, which we do
use.
In Doxygen output, all LICENSE references became links to
ProfilerXhprof (the one Doxygen encoutered first).
Bug: T72328
Change-Id: Icc7c443245c70bc0f549bee7d105eef5691c864d
The new cdb library is pulled in via composer. Since the
library uses namespaces, a backwards-compatability layer
is provided for the old class names:
* CdbReader
* CdbWriter
* CdbException
The PHP/DBA-specific classes should never have been used directly.
Depends on I98302bdf1 in mediawiki/vendor
Change-Id: I39549ac8540b262cf91f7d1830d36327afb3033d
If the xhprof extension is not present we skip running the test, but
phpunit runs the test provider function before that check so we need to
guard against missing constants to avoid spurious warnings in the test
output.
Change-Id: I5541a062ff0c47ca8802315554b3f32dfd01dcd0
Add a helper class to assist in collecting profiling information using
XHProf <https://github.com/phacility/xhprof> and a Profiler
implementation to hook it into the existing MediaWiki profiling system.
The Profiler includes support for generating tabular reports similar to
the traditional output of ProfilerSimpleText and ProfilerSimpleTrace or
sending data to a udpprofile daemon as supported by ProfilerSimpleUDP.
It also produces data compatible with the debugging toolbar.
Bug: T759
Change-Id: I16a75cb7636cb5dcef3830d738b2dcd2047d0aaa
Do not base64-encode non-binary files (containing only whitespace and
printable ASCII characters, which matches sane SVG files).
For SVG files the percent-encoded URIs are actually slightly longer
than the base64-encoded ones (~10%), but compress a lot better
resulting on 15-20% less data to transfer after gzip compression.
(The effect is best seen on the 'oojs-ui' module, which consists
mostly of SVG icons – especially after commenting out everything other
than 'oojs-ui.svg.css'.)
I tried this for binary files too, just in case; but as expected, they
suffer from a noticeable size increase even with compression (~15%).
Bug: 67341
Change-Id: Iddaf863b6be98570a2bb8e606f13946a96345f65
Remove the local copy and include upstream instead.
Remove local unit tests as it's now a proper upstream lib that
is tested by uptream.
Release:
https://github.com/cssjanus/php-cssjanus/releases/tag/v1.1.0
Changes:
Features
* Support "/*!" syntax for @noflip.
* Flip border-style.
Bug fixes
* Improve flipping of background-position.
* Restrict four_notation_quantity to margin, padding and border-width.
* Flip two values in border-radius rule (in addition to four values).
Change-Id: Ieb6e179d6163f99a9c98fd99c2277d25135871fe
This reverts most of commit 2d842f1425,
leaving only the test added in it, and reimplements the same
functionality better.
Instead of stripping /*@noflip*/ annotations in CSSJanus, which is
incompatible with other implementations that preserve it, extend
CSSMin to allow other CSS comments to be present before the
rule-global @embed annotation. (This required making the regex logic
in it even worse than it was, but it's actually slightly less terrible
than I expected it would be. Good thing we have tests!)
Bug: 69698
Change-Id: I58603ef64f7d7cdc6461b34721a4d6b15f15ad79
Follows-up b36d883.
By far most data providers are static (and PHPUnit expects them
to be static and calls them that way).
Most of these classes already had their data providers static
but additional commits sloppily introduced non-static ones.
* ResourceLoaderWikiModuleTest, 8968d8787f.
* TitleTest, 545f1d3a73.
Odd unused method 'dataTestIsValidMoveOperation' was introduced
in 550b878e63.
* GlobalVarConfigTest, a3e18c3670.
Change-Id: I5da99f7cd3da68c550ae507ffe1f725d31e7666f
To do it, just remove /*@noflip*/ annotations in CSSJanus after
we're done processing. They are not needed anymore and some obscure
interactions with CSSMin logic for preserving comments caused
`/*@noflip*/ /*@embed*/ background-image: url(…)` not to work
correctly (it would not be embedded).
This also requires us to always do CSSJanus processing, even when we
don't need flipping, to consistently handle the annotations.
I'm not entirely sure if this is worth it, but I still greatly prefer
doing it to documenting this stupid limitation. :)
Bug: 69698
Change-Id: I311b12b08b2dff9d45efb584db08cf4a11318f59
Was incorrectly assuming values between -1 and 1 were 0
Fixes an issue with mw-ui-input class in RTL mode which
makes use of box shadow.
Change-Id: I13e52467721bc2534e0a7c5245e3380ac43736ef
It's not only Windows. I have an Ubuntu machine with a PHP setup
limited to 32 bit (which is totally fine, it allows me to develop
and always stay compatible to Windows and other 32 bit environments).
I don't see an other way than to skip these tests on a 32 bit
machine. The loss (PHP clips values larger than 2147483647 to
2147483647) does not happen in the code that is tested but in the
test setup.
Change-Id: Ie9a173c0a92ed84eaaea981a25ba130f2eca169e
Remapping of url()s was thrown off if the CSS contained comments
with curly braces. To fix, replace all block comments (except @embed
directives) with placeholders before url() processing and swap them
back in afterwards. Patch also includes tests.
Bug: 60077
Change-Id: If18a93c17ea9bcd529f6a664aa2dcc51d4a37f38
This adds a new generic library class IPSet, which precomputes
a reasonably-efficient data structure from the input list of
addresses and CIDR net/mask specs for fast runtime matching,
and then uses it to check trusted XFF-setters.
See also: 32b4f19f173fc5cff1029eedee63a39a2d72dd3a
Bug: 57021
Change-Id: Ia3b12fb90c3e7e492374a128943b014481cc2730
Changed closure to capital word Closure in doc and type hint,
also changed callback in docs to callable
Change-Id: I52c8e8f13d38a837052101c38b9986be780ca057
Swapped some "$var type" to "type $var" or added missing types
before the $var. Changed some other types to match the more common
spelling. Makes beginning of some text in captial.
Also added some missing @param.
Change-Id: Ic8aaf0a93796b97d0fa4617c1f86ff59f4b36131
