As there will likely be extensions bundled with the 1.31 release that
depend upon other extensions, we should have the installer prevent users
from enabling extensions that depend on other, not-enabled extensions.
We can build a dependency map from extension.json's "requires"
component. On the client-side, we'll first disable all checkboxes that
require other extensions, and evaluate each checkbox click, updating the
disabled checkboxes as possible.
This required some refactoring of how ExtensionRegistry reports issues
with dependency resolution so we could get a list of what was missing.
While we're at it, sort the extensions under headings by type.
This does not support skins that have dependencies yet (T186092).
Bug: T31134
Bug: T55985
Change-Id: I5f0e3b1b540b5ef6f9b8e3fc2bbaad1c65b4b680
* Make startAtomic() return a token that can be used with cancelAtomic()
cancel any nested atomic sections that have not yet been ended.
* Make doAtomicSection() clear dangling nested sections by default.
* Also give doAtomicSection() a $cancelable parameter, having the
same default as startAtomic().
Change-Id: I75fa234cb1dcfef17dc9a973a3b02d2607efa98e
Because it doesn't work. `phpcs:ignoreFile` is intended as a performance
shortcut, and gives up on the file as soon as that token is found.
Instead, use `phpcs:disable` which does support selectively disabling
some sniffs. And since disabling is local to the file, there's no need
to re-enable it at the bottom of the file.
<https://github.com/squizlabs/PHP_CodeSniffer/issues/1903> has some
relevant discussion and clarification from upstream on this.
And make the files that are now being re-enabled pass PHPCS.
Change-Id: Ia4d8c45045f61cf9f24eb1d8631ff98d99c82d69
Handle all errors in query() that might have caused rollback by
putting the Database handle into an error state that can only be
resolved by cancelAtomic() or rollback(). Other queries will be
rejected until then.
This results in more immediate exceptions in some cases where
atomic section mismatch errors would have been thrown, such as a
an error bubbling up from a child atomic section. Most cases were
a try/catch block assumes that only the statement was rolled back
now result in an error and rollback.
Callers using try/catch to handle key conflicts should instead use
SELECT FOR UPDATE to find conflicts beforehand, or use IGNORE, or
the upsert()/replace() methods. The try/catch pattern is unsafe and
no longer allowed, except for some common errors known to just
rollback the statement. Even then, such statements can come from
child atomic sections, so committing would be unsafe. Luckily, in
such cases, there will be a mismatch detected on endAtomic() or a
dangling section detected in close(), resulting in rollback.
Remove caching from DatabaseMyslBase::getServerVariableSettings
in case some SET query changes the values.
Bug: T189999
Change-Id: I532bc5201681a915d0c8aa7a3b1c143b040b142e
Revisions deleted before MediaWiki 1.5 do not have a value in this
field. This is going to be a problem for migration to the MCR schema, so
provide a maintenance script to clean this up.
Then, for good measure, change the schema to make the field
non-nullable.
Bug: T182678
Change-Id: Ie2e11f12a30f379db32c3e074658012c6f93adb0
* Convert OutputHandler.php from global functions to a class.
- wfOutputHandler → OutputHandler::handle
(no alias, no usage outside core)
- wfGzipHandler → OutputHandler::handleGzip
(private, no usage outside class)
- wfRequestExtension → OutputHandler::findUriExtension
(private, no usage outside class)
- wfMangleFlashPolicy → OutputHandler::mangleFlashPolicy
(private, no usage outside class)
- wfDoContentLength → OutputHandler::emitContentLength
(private, no usage outside class)
- wfHtmlValidationHandler → OutputHandler::validateAllHtml
(private, no usage outside class)
* Add the class to autoload.php for exposure outside WebStart.
Specifically, for use in ApiFormatPhpTest. This also removes the
need to manually load the class because this code runs after
Setup.php loads AutoLoader.php.
Bug: T189966
Change-Id: I27a41ec0ae0ee30aeb313a616323b967605c4055
If the $var argument is provided, then it will make the resulting
count exclude rows where the value for that column is NULL.
Also add buildSelectSubquery() method and Subquery
wrapper class for use with select() for calculated tables.
Change-Id: I549d629af99afdf370602de095f7fba6d1546c37
This creates a new log formatter called WikitextLogFormatter, which
is a simple class that allows log entries to contain properly
formatted wikitext. This makes it easier for extensions so they don't
have to create their own subclass of LogFormatter.
Change-Id: I2b7fddf5c6ef017a0925b4bf75cfd47cb55aa5de
Storing the user name or IP in every row in large tables like revision
and logging takes up space and makes operations on these tables slower.
This patch begins the process of moving those into one "actor" table
which other tables can reference with a single integer field.
A subsequent patch will remove the old columns.
Bug: T167246
Depends-On: I9293fd6e0f958d87e52965de925046f1bb8f8a50
Change-Id: I8d825eb02c69cc66d90bd41325133fd3f99f0226
This is to be used within the FileImporter extension to allow
adding custom loggers to this import process.
Change-Id: Ib094d4829764ccc8e5bd2619fb827d701ae06d43
This is to be used within the FileImporter extension to allow
adding custom loggers to this import process.
Change-Id: I4a6c573fc0a69b06d696cd2afca9226fb492a9bc
Each expired row has to be fetched from the user_groups table, deleted
from that table and added to the user_former_groups table. Per Jaimes
request, let's not do this for all rows at once but for smaller chunks
and wait for replication to catch up after each chunk has been
processed. In addition the function to purge the expired rows now sets a
lock so that there won't be multiple concurrent runs.
Also, cleaning this table up isn't urgent and thus should be done in a
job and not a deferred update, so let's move it there.
Bug: T176754
Change-Id: I671d4b9d09677a2f474477ba7fea33a44d6318aa
It was never super popular anyway, APC was always the best option.
The project has no plans to move to PHP7, so it's quickly reaching
its end of life. Oh, and Fedora dropped it from their repos 2 years
ago.
Change-Id: Ia3257e86a6323d8943f04a5c05c72c0bd4c4b0a9
This will be used for deep category search implementation,
also Wikibase one in repo/maintenance will be changed
to use the same codebase.
Bug: T185127
Change-Id: Ie8dd4a5aff55d90f02426f1430ed5214c7327bbc
Deprecate the unnamespaced version and move it to includes/compat.
Bug: T147167
Depends-On: I39c805bfb98b32f32f3d0dc1eee9e823afe1c21a
Change-Id: I3780c7adf51683f3f7adb35a88f9a25a0a2e2530
This will allow classes that need MWHttpRequest to inject HttpRequestFactory
and thus make it overridable and testable.
Also made MWHttpRequest abstract class since it doesn't implement
execute anyway. Maybe a good idea to move execute to an abstract
method?
Change-Id: I5c0e035542ff5f791a21a95ed13bed4cea6906d0
This makes things centralized to reduce maintenance cost and also
enables me to use this methods in Wikibase to handle RC injection
Bug: T185034
Change-Id: Ic8c602e316144ccb5b05c69a0cc607cd53e38912
This PHP extension was deprecated in PHP 5.5 and removed in PHP 7.0.
The newer MySQL driver 'mysqli' is the default driver since MediaWiki
1.22 and 'mysql' was deprecated in MediaWiki 1.30.
Bug: T120333
Change-Id: Icff7a63ab47ae1483de87ba6486945974699362b
This really should have been done a very long time ago.
This adds a maintenance script to migrate rows with ar_text_id null to
modern storage, either the text table or ExternalStore.
Bug: T36925
Change-Id: I5608c6b6d3ecad516b785e13d668427c1b762e41
There's no reason for this to have to live in Maintenance land. It's
generally useful and lets us avoid some random require/include calls
Change-Id: I60419c7f9fc52313905053bbeb3aa81666c9160c
This deprecates the Preferences class and replaces it with
a PreferencesFactory service. Basically, all code from Preferences
is moved into DefaultPreferencesFactory. All Prefereces methods
are now either shims calling DefaultPreferencesFactory or just
throw exceptions.
Bug: T178449
Change-Id: Id0b2db0c2de0890f6e1609a9a0dca207c4600f99
In some languages it's conventional not to insert a thousands
separator in numbers that are four digits long (1000-9999).
Rather than copy-paste the custom code to do this between 13 files,
introduce another option and have the base Language class handle it.
This also fixes an issue in several languages where this logic
previously would not work for negative or fractional numbers.
To implement this, a new option is added to MessagesXx.php files,
`$minimumGroupingDigits = 2;`, with the meaning as defined in
<http://unicode.org/reports/tr35/tr35-numbers.html>. It is a little
roundabout, but it could allow us to migrate the number formatting
(currently all custom code) to some generic library easily.
Bug: T177846
Change-Id: Iedd8de5648cf2de1c94044918626de2f96365d48
Clean up use of @codingStandardsIgnore
- @codingStandardsIgnoreFile -> phpcs:ignoreFile
- @codingStandardsIgnoreLine -> phpcs:ignore
- @codingStandardsIgnoreStart -> phpcs:disable
- @codingStandardsIgnoreEnd -> phpcs:enable
For phpcs:disable always the necessary sniffs are provided.
Some start/end pairs are changed to line ignore
Change-Id: I92ef235849bcc349c69e53504e664a155dd162c8
* Adding new class AbkhazUppercaseCollation, mapped to 'uppercase-ab'.
* Extended CustomUppercaseCollation with support for sorting digraphs
and for alphabets larger than 64 letters (up to 4096).
Bug: T183430
Change-Id: I16d44568e44d7ef5b39c38b1a6257b9fe10a34d4
This allows Revision::getRevisionText to get
a different BlobStore instance when $wiki is passed in
restoring the behaviour for $wiki before the MCR Revision
overhaul patch was merged.
Ia4c20a91e98df0b9b14b138eb4825c55e5200384
Bug: T183634
Bug: T183631
bug: T183583
Change-Id: Ib0949454e9a003c2965adc1aab38e31fcf121afe
This adds support for a PSR-4 (<http://www.php-fig.org/psr/psr-4/>)
autoloader, so instead of needing to manually list each class, just the
namespace prefix is needed.
Extensions can set a "AutoloadNamespaces" property in extension.json to
register PSR-4 compatible namespaces to be autoloaded.
The implementation is based off of the example implementation
(<http://www.php-fig.org/psr/psr-4/examples/>) with some modifications
for performance, notably cutting down on function calls, and only trying
to look up classes that are namespaced.
The generateLocalAutoload.php script will ignore any directory that is
registered as a PSR-4 namespace.
Bug: T99865
Bug: T173799
Change-Id: Id095dde37cbb40aa424fb628bd3c94e684ca2f65
This commit adds a custom collation order for
Northern Sami ('se'). Northern Sami exists in ICU,
but the version of ICU that Wikimedia uses is a
few years old, and does *not* include Northern
Sami. It could be years before Wikimedia's production
servers use the one that includes Northern Sami (see
bug), so this is a temporary workaround to amend this
issue.
Bug: T181503
Change-Id: Ib8a48b8db99bef8ec4b05144aace5dbdcacfeded
Importing revisions in MediaWiki has long been weird: if the username on
the imported revision exists locally it's automatically attributed to
the local user, while if the name does not exist locally we wind up with
revision table rows with rev_user = 0 and rev_user_text being a valid
name that someone might later create. "Global" blocks too create rows
with ipb_by = 0 an ipb_by_text being a valid name.
The upcoming actor table change, as things currently stand, would
regularize that a bit by automatically attributing those imported
revisions to the newly-created user. But that's not necessarily what we
actually want to happen. And it would certainly confuse CentralAuth's
attempt to detect its own global blocks.
Thus, this patch introduces "interwiki" usernames that aren't valid for
local use, of the format "iw>Example".[1] Linker will interpret these
names and generate an appropriate interwiki link in history pages and
the like, as if from wikitext like `[[iw:User:Example]]`.
Imports for non-existant local users (and optionally for existing local
users too) will credit the edit to such an interwiki name. There is also
a new hook, 'ImportHandleUnknownUser', to allow extension such as
CentralAuth to create local users as their edits are imported.
Block will no longer accept usable-but-nonexistent names for 'byText' or
->setBlocker(). CentralAuth's global blocks will be submitted with an
interwiki username (see Ieae5d24f9).
Wikis that have imported edits or CentralAuth global blocks should run
the new maintenance/cleanupUsersWithNoId.php maintenance script. This
isn't done by update.php because (1) it needs an interwiki prefix to use
and (2) the updater can't know whether to pass the `--assign` flag.
[1]: '>' was used instead of the more usual ':' because WMF wikis have
many existing usernames containing colons.
Bug: T9240
Bug: T20209
Bug: T111605
Change-Id: I5401941c06102e8faa813910519d55482dff36cb
Depends-On: Ieae5d24f9098c1977447c50a8d4e2cab58a24d9f
Introduces a FirejailCommand class, which can be used to add additional
restrictions to a command, for increased security. For now, firejail
containment needs to be enabled on a per-command basis.
The following restrictions are implemented:
* NO_ROOT - disallows any root access, including via setuid binaries
* SECCOMP - block dangerous syscalls with seccomp
* PRIVATE_DEV - create a private /dev
* NO_NETWORK - deny all network access
* NO_EXECVE - block the execve syscall
A convenient Shell::RESTRICT_DEFAULT is equivalent to NO_ROOT | SECCOMP
| PRIVATE_DEV, with the expectation that more restrictions may be added
to it in the future.
In addition, specific paths can be whitelisted with
Command::whitelistPaths(). Any file/directory that isn't whitelisted in
that top level directory (e.g. /srv) won't exist inside the firejail.
$wgShellRestrictionMethod can be set to false for no restriction system,
'firejail' to explicitly use it, or 'autodetect' to autodetect whatever
system is available. In the future the default should be changed to
autodetection once firejail is tested more.
Bug: T173370
Change-Id: Id74df0dbba40e1e7c07c4368aacffb6eb06a17c5
This is a first pass at Latin/Cyrillic translitertion for Crimean
Tatar (crh).
Includes transliteration tables, prefix/suffix mappings, regex
mappings, and exceptions lists for words and abbreviations.
Regularize CRH language name in messages/* files.
Fix "varient" typos in qqq.json.
Add unit tests for CRH transliteration.
Bug: T23582
Change-Id: I424703f99adf837f6217872b882d1ea26bfdd068
This provides a narrow view on a user identity, providing access to
ID and name.
This has been extracted from I140f43a6fb443b for re-use with Actors,
on Anomie's request.
Change-Id: Ief00db5ce382537c5bf992159eae6baf096ae4be
Using a real HTML tokenizer fixes bugs when < or > appear in attribute
values. The old implementation used delimiterReplace(), which didn't
handle this case:
> print Sanitizer::stripAllTags( '<p data-foo="a<b>c">Hello</p>' );
c">Hello
We also can't use PHP's built-in strip_tags() because it doesn't handle
<?php and <? correctly:
> print strip_tags('1<span class="<?php">2</span>3');
1
> print strip_tags('1<span class="<?">2</span>3');
1
Bug: T179978
Change-Id: I53b98e6c877c00c03ff110914168b398559c9c3e
* Convert to use Maintenance
* Clean up
* I want to use the class name UserOptions for something else
so rename it.
Change-Id: Ic441087702376b1ca0e70554c71cdf7ecad908af
Refactor Installer::locateExecutableInDefaultPaths() into a separate
utility class, ExecutableFinder. This class is already used in plenty of
places outside of the installer, so it's ripe for being extracted.
This class is located in utils/ due to the dependency upon
Shell::command(). Once that no longer has a dependence upon MediaWiki,
this class can be moved to libs/ too.
Change-Id: I175465acc0d64f990445ce05fabcee8b88a0b259
Extensions with custom content models (e.g. ProofreadPage) will extend
EditPage to provide a customized editing experience. However when
another extension like TwoColConflict wants to change just how edit
conflicts look, this causes problems since only one class can take the
place of EditPage.
So instead, split most of the frontend code for edit conflicts into
TextConflictHelper, and call it from edit page. Extensions can override
with the instance created by calling
EditPage::setEditConflictHelperFactory().
And to make that split possible also move EditPage::addNewLineAtEnd()
and ::buildTextboxAttribs() into a separate TextboxBuilder class that
both EditPage and TextConflictHelper can use.
Bug: T176393
Change-Id: Ie415edd84329c02d5762477f8a171fced85b01a2
Blobs in the text table created by MediaWiki <1.5 running on PHP 4 had class
names coerced to lowercase. In order to succcessfully resolve these class
names, the autoloader creates a copy of the autoload class array with
lowercased keys, which is pretty inefficient. So instead, make sure the
auto-generated autoload map contains lowercase variants for these specific
classes.
Bug: T166759
Change-Id: I6d751ef516e936e04c056d70a1ecd17960a39ceb
This allows scheduling of updates that need to start their own
transaction round. Specifically for cases where the ability to
commit early is not enough (which is already possible via LBFactory
getEmptyTransactionTicket and commitAndWaitForReplication).
Change-Id: I0910587b61c8ddf825f91e92c2f93582cc7ebd80
This adds a maintenance script that removes all expired user group
entries from the user_groups table and adds them to the
user_former_groups table.
Bug: T176754
Change-Id: Ie0f4afd3dbecd3af42e89bb99cf03dbe03768d07
Throw DBQueryTimeoutError if a database query error is detected
to be a timeout.
Only DatabaseMysqlBase has been updated here.
This is a subclass of DBQueryError, so existing catch'es will work.
Bug: T175775
Change-Id: I4749dc33ad530d9b22504f02106b1ca49e8eb167
This function has gotten so unwieldy that a helper was
introduced. Instead, here's this class that makes
shelling out easier and more readable.
Example usage:
$result = Shell::command( 'shell command' )
->environment( [ 'ENVIRONMENT_VARIABLE' => 'VALUE' ] )
->limits( [ 'time' => 300 ] )
->execute();
$exitCode = $result->getExitCode();
$output = $result->getStdout();
This is a minimal change, so lots of stuff remains
unrefactored - I'd rather limit the scope of this commit.
A future improvement could be an ability to get stderr
separately from stdout.
Caveat: execution errors (proc_open is disabled/returned error) now
throw errors instead of returning a status code. wfShellExec() still
emulates this behavior though.
Competing commit: I7dccb2b67a4173a8a89b035e444fbda9102e4d0f
<legoktm> MaxSem: so you should continue working on your patch and I'll
probably refactor on top of it later after its merged :P
Change-Id: I8ac9858b80d7908cf7e7981d7e19d0fc9c2265c0
This works by using the new table introduced with T156318.
The only thing that differs from normal Special:Contribs is we are
showing the IP address next to each entry. This is it how it is
displayed if you request to see newbie contributions:
https://en.wikipedia.org/wiki/Special:Contributions?contribs=newbie
For the time being, Special:DeletedContributions does not support
IP ranges. Various other irrelevant links such as Uploads and Logs
are also hidden.
Refer to P4725 for a way to automate creation of edits by random
IPs in your dev environment.
IP::isValidBlock() has been deprecated with this dependent change:
https://gerrit.wikimedia.org/r/#/c/373165/
Bug: T163562
Change-Id: Ice1bdae3d16cf365da14c6df0e8d91d2b914e064
Allowing slashes in config key names allows us to trivially support the
proposed hierarchical structure with a single EtcdConfig object, by
fetching values with the relevant prefixes on startup.
Bug: T156924
Change-Id: Ica0914e61baba9c0462481925be15d79b66dc342
It's often forgotten because MySQL and Sqlite don't use it, the only
users are PostgreSQL and Oracle. And when used, if inserts to multiple
tables are being done it's easy to get the ordering wrong.
This patch reimplements DatabasePostgres::insertId() in terms of PG's
lastval() function, and adds triggers to the Oracle schema to make it
work the same as the other databases.
Bug: T164900
Change-Id: Ib308190c52673a9266c8495a589ae644f9fbefce
It hasn't been updated properly since 2006 so many fields aren't being
copied to the archive table. Tim suggests it'd be best to just delete it
and, if someone needs the ability to delete or revdel revisions from the
command line, properly abstract out the deletion code instead of
duplicating it.
Change-Id: I400b8ac30b31802e7dd9f6e4d0ec10918eba0183
