* Update extensions/LoginNotify from branch 'REL1_43'
to 0fe872ed32d55852fccc8e1f1c28a6d2b6f4b6b5
- Localisation updates from https://translatewiki.net.
Change-Id: I39c299dd7667abc0685739f7c9908da25de9622c
* Update extensions/Cite from branch 'REL1_43'
to 67f62f9a65e3686e07574e3362f81bf494ed4d8f
- Localisation updates from https://translatewiki.net.
Change-Id: Id680ec353b27ada02836f9c644d0bc080a791878
* Update extensions/CategoryTree from branch 'REL1_43'
to bd89d6d9a1ad59701baddc1099596e531c51eabe
- Localisation updates from https://translatewiki.net.
Change-Id: I1b007293048df70e9180ee6be84186ef0d0e9955
* Update extensions/Echo from branch 'REL1_43'
to bab9504f6ebdda74f48b5926335d7240568f1d5a
- Localisation updates from https://translatewiki.net.
Change-Id: I931e7c0b15f638b0d3cdf53c297d46a4db18783b
* Update extensions/OATHAuth from branch 'REL1_43'
to 72d8ec5feebd8a160199d5a5dfa6789f1dd99d74
- Localisation updates from https://translatewiki.net.
Change-Id: I0387c52c562ad664b034de994310e628c40435b1
* Update extensions/Linter from branch 'REL1_43'
to 8600393f64c095dbf1c344d5e555f524c9a797d5
- Localisation updates from https://translatewiki.net.
Change-Id: I39c299dd7667abc0685739f7c9908da25de9622c
* Update extensions/DiscussionTools from branch 'REL1_43'
to 123e7732c17aba2969dc60ab982f20b2904707db
- Localisation updates from https://translatewiki.net.
Change-Id: I3bb30c250ba693be81f9da720bb42a8a3812e23c
* Update extensions/CiteThisPage from branch 'REL1_43'
to 53d0e706a4863e9b1155b6e782936b89da9d7b17
- Localisation updates from https://translatewiki.net.
Change-Id: I034af01f283e5837a1de20c41cacabaab283ce9e
* Update extensions/Nuke from branch 'REL1_43'
to 96798529616368805af951aee745ba5c2d12b7c1
- Localisation updates from https://translatewiki.net.
Change-Id: I7c29571fae1de16d186e922519d331323e7e59ad
* Update extensions/MultimediaViewer from branch 'REL1_43'
to 94438020a3660a00d99a575a5d62494b3321ed43
- Localisation updates from https://translatewiki.net.
Change-Id: If0aac57bee3e712f9b67c6cf617c75fed7d9a129
* Update extensions/Math from branch 'REL1_43'
to 6e27f6acd4e255e7133467117bcdd7e7c585cb86
- Localisation updates from https://translatewiki.net.
Change-Id: I1aba04c29f56c32a8f6967033a634e6bbd23e7e5
* Update extensions/InputBox from branch 'REL1_43'
to 10a4dd9588a1bc5e4f69497aa55dfd7621282ef1
- Localisation updates from https://translatewiki.net.
Change-Id: I28d9ff879dadedf97012ba73fa3dc50d5a0c3356
* Update extensions/ConfirmEdit from branch 'REL1_43'
to cc9dc0cf90b9b38ab873fb42b004cc63ca8f4c7e
- Localisation updates from https://translatewiki.net.
Change-Id: I913b95ff735ec64a7d70d51e7eff146eef31c055
* Update extensions/AbuseFilter from branch 'REL1_43'
to ef2dde18bd6d059b8dd312fe55ba9d9ace53b7ca
- Localisation updates from https://translatewiki.net.
Change-Id: I7cec52c07aeb74121b64c245f9d5e1fe3d1ae8d1
Why:
- Since we re-distribute a Swagger bundle that includes all the
libraries, we should also supply the licenses associated with these
libraries.
- See https://github.com/swagger-api/swagger-ui/issues/8317
What:
- Create a directory containing the relevant OSI licenses.
- Create a list of all the libraries included in Swagger UI
and their respective licenses.
Bug: T382086
Change-Id: I30be1fee2b3ebd7352fa6255a95969e91a75d575
(cherry picked from commit ea8d04800ff074f15ab4c83b39db438bb26fa617)
strtr(): Passing null to parameter #1 ($string) of type string is
deprecated in php8.1
Change-Id: I224d8e8baa9d878db3635cb6c46eb62eb6f60469
(cherry picked from commit 596589d9032b5e7a3f9b4ed7e0558b42cf66690b)
* Update extensions/OATHAuth from branch 'REL1_43'
to b6cb1d5739c3ff3d165ae56d6131c85481deb5a1
- Do not make Copy button the default submit action on TOTP form
Bug: T354028
Change-Id: I30d4bae47141e06aa6993c22836f7336ba758a14
* Update extensions/AbuseFilter from branch 'REL1_43'
to 6ebcd929c7f7a2f8be715dfe39c59b53570829f0
- SECURITY: Use correct bitwise operator on CentralDBNotAvailableException
Why:
* When FilterLookup::getFilter throws a
CentralDBNotAvailableException, the code which calls it
sometimes catches the exception and then assumes the filter
has the maximum privacy level.
* This logic is broken as the wrong PHP bitwise operator is used
("&" instead of "|").
What:
* Update all uses of "&" to "|" in the affected places.
Bug: T389235
Change-Id: Idb08add69a55fb387ec51fb220cafc46542afd1a
CVE-2025-3469
Only use HtmlSnippet when the labels are not coming from a message, to
avoid XSS-via-i18n vulnerabilities.
Bug: T358689
Change-Id: If91500bc76b3ed8cdc58da4f9de326df6d201398
CVE-2025-32699
Ensure that Unicode NFC normalization can be applied to our HTML
output safely. Even though the W3C officially recommends against
normalizing HTML
https://www.w3.org/International/questions/qa-html-css-normalization#converting
this is still easily done inadvertently, especially when using the
MediaWiki action API which normalizes parameters and results by
default.
See also I671648603c4635a35585c860b4857f5ea085e47f in Parsoid, and
T266140 / I2e78e660ba1867744e34eda7d00ea527ec016b71 for another similar
issue.
The following changes are made:
* The various HTML serializers (Remex/Tidy-derived, as well as the
Html::* helpers) are tweaked to entity-escape U+0338 wherever it
appears.
* Similarly, Message::escaped() is tweaked to entity-escape U+0338.
* Finally, a post-processing pass is added to the OutputTransform
pipeline to catch any remaining U+0338 and entity-escape them.
This catches U+0338 added during any of the previous OutputTransform
stages (like TOC insertion, section edit links, etc).
*When backporting* this code will likely need to be moved to
ParserOutput::getText(), as the OutputTransform pipeline wasn't added
until MW 1.42.
Bug: T387130
Change-Id: I66564e14e730f5393f4fa5780b80f24de6075af5
Same as was done in 5f2584b648
Bug: T391586
Follows-Up: I966cddb337c9373ed3a369496548a8d8c538ae84
Change-Id: I757eb043f8043d6620fb69bd072d9bb9e97ad163
(cherry picked from commit 7a84c34398639d3422f81ab9711539c34d435621)
Almost every call to isCascadeProtected() (which uses short-circuit
mode) is followed by a call to getCascadeProtectionSources() (which
doesn't), so this attempted optimization (skipping a loop that does
some very cheap operations) actually results in worse performance
in the common case (because the result of the database query can't
be cached in short-circuit mode, and we must query it again), and
it makes the code really annoying to read or modify.
Relevant code: https://codesearch.wmcloud.org/search/?q=getCascadeProtectionSources\(|isCascadeProtected\(&excludeFiles=RestrictionStore.php|HISTORY|tests%2F
Change-Id: Ib9eb6cab28492776d40a10cbfb28e9c1cec8c1d2
(cherry picked from commit f9180c4a36fb8874fc0211f05a1eebaceb67aa0c)
If something inside the callback above throws an exception (e.g.
`parseCachedTable()` when the database is down), and it is caught,
`$this->mTablesLoaded` and `$this->mTables` will be left in an
inconsistent state for the rest of the request, causing confusing
errors elsewhere.
Bug: T388807
Change-Id: I79704d6d5c03d5e028c0c762a37fd55b953a4a6a
(cherry picked from commit 6d4f287059521fd4e7fe094ccb00aca54906b31f)
* Update skins/Vector from branch 'REL1_43'
to a4a127342e106a27d89253921cc771a978523a68
- Localisation updates from https://translatewiki.net.
Change-Id: I9189d564e985d3115d39dc29d2894421c0c491d4
* Update skins/MinervaNeue from branch 'REL1_43'
to 9dfbada4fe1994e279828289a424ecbfdc8b754c
- Localisation updates from https://translatewiki.net.
Change-Id: I54de52119783721703597574d7f2f6289c2db456
* Update extensions/VisualEditor from branch 'REL1_43'
to b890dad267289a9ecec8c02c3e6fedc957948e9f
- Localisation updates from https://translatewiki.net.
Change-Id: Ic7a4e06cc699ce46a339ffdbdb56f67e6be8a24c
* Update extensions/TemplateData from branch 'REL1_43'
to 514b72c1cd263c641d0fcf6eb6e564eec8b5f593
- Localisation updates from https://translatewiki.net.
Change-Id: I6379ffa6a64588002bb3c09704be965b326b5488
* Update extensions/TitleBlacklist from branch 'REL1_43'
to 8e8ebe02588343ea0d0c44095c2765632194f241
- Localisation updates from https://translatewiki.net.
Change-Id: Icb7281fa197293315391243f8784a1500b2e3999
* Update extensions/WikiEditor from branch 'REL1_43'
to 67f6158919d1d2e0de0a716c7cf4f7fbd240445a
- Localisation updates from https://translatewiki.net.
Change-Id: I1f4573b9768b025f17c6d20884fb75dc4fd91790
* Update extensions/Thanks from branch 'REL1_43'
to 40a5ba7f417f895a14f5289ed87f01b28a390ecb
- Localisation updates from https://translatewiki.net.
Change-Id: I0529ef09b62f23172f7d5ad4d1a6436e65f74af6
* Update extensions/SyntaxHighlight_GeSHi from branch 'REL1_43'
to c9db27e9a2ebda84c34093152b271bf5144ec26a
- Localisation updates from https://translatewiki.net.
Change-Id: I31f97c6fb5ef88ac605e341e29d028a7cd07c00b
* Update extensions/DiscussionTools from branch 'REL1_43'
to c834d0c8b36148162bf07ac0119a19e826411aaf
- Localisation updates from https://translatewiki.net.
Change-Id: I93d89edf1ac33b61a78644df6f91707ee6d16fd7
* Update extensions/LoginNotify from branch 'REL1_43'
to 4d98bf8ce172857c9eb274b321bc6e4bd266f93b
- Localisation updates from https://translatewiki.net.
Change-Id: I62f7463dd2dcb118cb4bd9311e2cc608af804c6c
* Update extensions/Gadgets from branch 'REL1_43'
to 94c0d38d5a5810b4cce22963a44aceb5e8dc1fd1
- Localisation updates from https://translatewiki.net.
Change-Id: I60fc02246401ef8095232e77fe082d902e0b3ac1
* Update extensions/ConfirmEdit from branch 'REL1_43'
to 4787b2e4be1886ab077a01f9e7d81aa0b28ca7af
- Localisation updates from https://translatewiki.net.
Change-Id: I9ba6b18fc17e045f3fa266df39774d55426b4bb0
* Update extensions/OATHAuth from branch 'REL1_43'
to 53f358b6ede92fce271c18d121de35ab53f9b8f2
- Localisation updates from https://translatewiki.net.
Change-Id: I2e1a81e1fea07d4f2e536564f4219b1acd77cb87
* Update extensions/Nuke from branch 'REL1_43'
to 45f54278c22d5f6d7af8ed47f2e0517ee725d070
- Localisation updates from https://translatewiki.net.
Change-Id: I47030b518a7df5d9007f681763b1bec54e652db6
* Update extensions/Math from branch 'REL1_43'
to 2360e60228dcac111f2063feb5104ab84878a898
- Localisation updates from https://translatewiki.net.
Change-Id: Ie4b516b2f3d27ca5672255c78de132c2bf623b91
* Update extensions/Echo from branch 'REL1_43'
to 951879a4181162f93b2d409a5374bce785eaf8f2
- Localisation updates from https://translatewiki.net.
Change-Id: Id53684b396220015d3867a09d14355f8fceb9d88
* Update extensions/CiteThisPage from branch 'REL1_43'
to 8daea44797f0be0fd876ffa66e0a433c9df86ac1
- Localisation updates from https://translatewiki.net.
Change-Id: I61d498ec32608a140784ce5a5b68021751730565
