Embed the essential files to define mw.loader directly as part of
the startup module.
* This means the internal 'mediawiki' module no longer exists.
This is safe to remove because:
1) While registered server-side for loading from startup.js, a PHPUnit
structure test disallowed being specified as a dependency.
2) Anything that attempted to load it client-side failed because the
module was marked in the registry as 'raw', thereby excluding it
from the data sent to the client-side. As such, it was seen as an
unknown module that the client refused to fetch from the server.
* Deprecate getStartupModules() and getLegacyModules().
These are no longer needed. There are no known callers anywhere in
Wikimedia Git or elsewhere indexed by Codesearch, but easy enough
to leave as no-op for one release.
* Remove ResourceLoaderRawFileModule class.
No longer needed. Was created as a hack specifically for the 'mediawiki'
module so that it would not leak global variables in debug mode.
It has no usage anywhere in Wikimedia Git, nor elsewhere in Codesearch.
Remove without deprecation given this was meant to be a 'private' class.
* Introduce (private) getBaseModules(). Previously, this list only existed
locally in getStartupModulesUrl() by merging getStartupModules() and
getLegacyModules(). This value was factored out into its own method.
* Make getStartupModulesUrl() private and rename to getBaseModulesUrl().
It is only used internally to export the 'baseModulesUri' value.
Its name was already confusing before, but it would've been even more
confusing now given it doesn't even call getStartupModules() any more.
Bug: T192623
Change-Id: I14ba282d7b65e99ca54b7c2f77ba6e1adaddd11c
This introduces a maintenance script for populating the tables
introduced by the MCR storage schema, namely:
slots
slot_roles
content
content_models
Per default, both the revision and archive tables are processed.
This script is part of the MCR schema migration: after instructing
RevisionStroe to write both the old and the new schema by setting
$wgMultiContentRevisionSchemaMigrationStage = MIGRATION_WRITE_BOTH,
this script can be used to back-fill the new schema for existing
revisions.
Doing this is a precondition to later setting
$wgMultiContentRevisionSchemaMigrationStage = MIGRATION_NEW to
complete the schema migration.
Bug: T182682
Change-Id: Iecc67c1b8c082be1a1039eeb52e76ad16b965226
Various code using the search engine shouldn't need to implement it's
own methods, such as over-fetching, to determine if there are more
results available. This should be knowledge internal to search that is
exposed by a boolean.
Change-Id: Ica094428700637dfdedb723b03f6aeadfe12b9f4
This introduces traits for testing different schema variations.
These are not very useful in this patch, but make it much easier
to add tests for MCR schema migration in subsequent patches.
The code in this patch was previously part of If259b1e1c49ceaa4.
Change-Id: I239572f75bebbc9c731a3e3860c4eff179dc15e4
Since 129067c907, parsing section titles has looked up interwiki
prefixes with InterwikiLookup. In the web upgrader, this triggers
database access, and since that service is disabled, it throws
exceptions, causing parsing to fail.
Work around that by using a dummy InterwikiLookup service that knows
about no interwiki prefixes. Maybe one could be written to just read
from the stock `interwiki.list`, but that's a project for another time.
Bug: T196607
Change-Id: I13485a9af79297b552a1128240cb8597c2ef83d8
This is more or less equivalent to the WMF shell script "sql", but it is
reasonably portable and written in a less hackish way.
Change-Id: I240d8d4e65ce46680cac257ee376a9b026c13f92
In change 4633f4d46a it was changed
to an interface implemented by both PreferencesFormLegacy and
PreferencesFormOOUI so that existing typehints for some functions
parameter would accept them both. Replace those typehints to use
HTMLForm instead. There was really no guarantee in the past that
they would only be given PreferencesForm or its subclasses, either.
Because the typehint change affects some hooks, note it as a
deprecation in MW 1.31 and a breaking change in MW 1.32.
Also add @since tags and correct some typos in code comments.
Follow-up to 4633f4d46a.
Change-Id: I61749f1d864cf68afe90cd9e15ba2d7a74252501
Each of these scripts had a class name that was not referenced outside
of the script file itself, and are safe to rename as a result.
Change-Id: Id605aca11db51ee433baeaa998a0e33184c930ca
This workaround was needed when ICU in production was broken
but after T189295 this is not needed anymore and we switched off
this collation from all Persian Wikis already
Bug: T139110
Change-Id: Ifad89555b6ac96a3eb36ca24b55e1f8ee57a1f05
Old bugs and such may have left the archive table with multiple rows
using the same ar_rev_id, or rows that also exist in the revision table.
These need to be cleaned up for MCR.
The maintenance script added here will delete rows that appear to be
duplicates of the same change, and will assign new IDs to rows that do
not appear to be duplicates.
Bug: T193180
Change-Id: I39b0825c9469e074ded3df33a4f06a1ef0edb494
Adds a maintenance script to populate the field, has that be
automatically run during update.php, and drops the no-longer-needed
default value on the column (where possible: mssql has some sort of
constraint thing going on that I have no idea how it works).
Bug: T59176
Change-Id: I971edf013a1a39466aca3b6e34c915cb24fd3aa7
The primary goal here is a defense in depth measure to
stop an attacker who found a bug in the parser allowing
them to insert malicious attributes.
This wouldn't stop someone who could insert a full
script tag (since at current it can't distinguish between
malicious and legit user js). It also would not prevent
DOM-based or reflected XSS for anons, as the nonce value
is guessable for anons when receiving a response cached
by varnish. However, the limited protection of just stopping
stored XSS where the attacker only has control of attributes,
is still a big win in my opinion. (But it wouldn't prevent
someone who has that type of xss from abusing things like
data-ooui attribute).
This will likely break many gadgets. Its expected that any
sort of rollout on Wikimedia will be done very slowly, with
lots of testing and the report-only option to begin with.
This is behind feature flags that are off by default, so
merging this patch should not cause any change in default
behaviour.
This may break some extensions (The most obvious one
is charinsert (See fe648d41005), but will probably need
some testing in report-only mode to see if anything else breaks)
This uses the unsafe-eval option of CSP, in order to
support RL's local storage thingy. For better security,
we may want to remove some of the sillier uses of eval
(e.g. jquery.ui.datepicker.js).
For more info, see spec: https://www.w3.org/TR/CSP2/
Additionally see:
https://www.mediawiki.org/wiki/Requests_for_comment/Content-Security-Policy
Bug: T135963
Change-Id: I80f6f469ba4c0b608385483457df96ccb7429ae5
The Html5Depurate driver was intended to be used with an external Java
service, but it never gained traction due to deployment concerns.
The Html5Internal (Balancer) driver was originally intended for use with
the balanced templates proposal and could also handle tidying. But it was
tightly coupled to MediaWiki, so part of it was used as the basis of the
RemexHtml library. Remex most likely can also implement the balanced
templates proposal, so there isn't any reason to keep the Balancer code
around anymore,
Change-Id: I8542d69e9cdbf0e2fb7ebbb919933a64c1b8c293
The RevisionSlotsUpdate interface represents a change to a pages slots,
as applied by an edit.
This also introduces RevisionSlots::hasSameContent and pulls up
getTouchedSlots() and getInheritedSlots() from MutableRevisionStore
to RevisionStore, in preparation of using these classes in the
refactoring of WikiPage::doEditContent and friends.
Bug: T174038
Change-Id: Idb0ef885b343a76137b640fdfc1bf36104b00895
This will make jumping from file to file much easier in text
editors when file name lookups will autocomplete naturally when
looking for a class by name.
Change-Id: I4b2e55a2e72674b619d5a592866c8a019a2b0224
This ResourceLoader module provides a way to ship
messages to CSS variables.
We will need this going forward to deal with flash of
unstyled content in various JavaScript based UIs that
are subject to i18n such as table sorting and
collapsible elements.
To avoid overhead of hitting the database to fetch and
transform localisation messages we make use of the MessageBlobStore
making use of `messages` definition already inside
ResourceLoaderFileModule. Given this resource is only intended
for render blocking styles without JavaScript this should be okay
(although if requested in JavaScript will also ship associated
messages)
Bug: T42812
Change-Id: I2bf12cdc848478889acbe9a7a970e46f8aefa287
This script creates SPARQL UPDATE statements for changes in a given time
period. These statements can be applied to an existing database to
update it.
See tests for examples of how the statements look like.
Bug: T173774
Change-Id: I9867ad566c0619b55a48a011bd3c55321b1bfcff
Special:Block needs a date time selector for easier selection of expiry. To
accommodate this cleanly, a new Expiry Widget is created that handles this
logic.
Bug: T132220
Change-Id: I2853a2ca0ae6ccead3978f4bb50a77c2baa3a150
