Some recent core change, possibly
I2b59c90a609aec1ec74e9c2e7f6fc67573158493, made taint-check think that
the return value of MapCacheLRU::getWithSetCallback is tainted, hence
it's now complaining if this value is output.
This is currently blocking merges in AbuseFilter, see e.g.
https://integration.wikimedia.org/ci/job/mwext-php72-phan-docker/82384/console
Change-Id: I42a596bd4309d60e3ead4e391b1148d503a5680f
This includes fixing some mistakes, as well as removing
redundant text that doesn't add new information, either because
it literally repeats what the code already says, or is actually
duplicated.
Change-Id: I3a8dd8ce57192deda8916cc444c87d7ab1a36515
Add a new resource module for watchlist expiry behaviour in
changes lists, to add a message when the clock is clicked on
mobile.
Bug: T261415
Change-Id: I621b1571b57686beb9fb5802533b1e70d293bc2a
A new user right, `delete-redirect`, is added (not given to anyone
by default). At Special:MovePage, if attempting to move to a single
revision redirect that would otherwise be an invalid target (i.e.
doesn't point to the source page), the user is able to delete the
target.
Deletions are logged as `delete/delete_redir2`, and the move is
then logged normally as `move/move`, mirroring current delete and
move logging.
To allow for separate handling by Special:MovePage,
MovePage::isValidMove now returns a fatal status `redirectexists` if
the target isn't valid but passes Title::isSingleRevRedirect.
Otherwise, `articleexists` is returned (as previously). Other callers
that don't intend to treat single revision redirects differently
should treat `redirectexists` the same as `articleexists`.
Currently, this deletion (like normal delete and move) cannot be
done through the move api. Since the deletion is only valid when
moving a page, unlike for normal deletion, deleting redirects with
this right cannot be done via the delete api either.
Bug: T239277
Change-Id: I36c8df0a12d326ae07018046541bd00103936144
The tag is added to reverted edits as described in T254074.
Functionality:
* Adding the mw-reverted tag to reverted edits (duh)
* Limiting the maximum depth of the update through a config variable
(mitigation #2 from T259014).
* Only applying the reverted tag after the edit has been somehow
approved. Only the patrol subsystem currently implements this, but
there's a hook that extensions can use (mitigation #4 from T259014, more
explanation in T259103).
* When performing the delayed update, it is checked whether the reverted
edit was reverted itself. If so, the update is ignored. This is
probably the only way to make the feature work due to the lack of an
explicit "disapproval" mechanism other than reverting.
* The update is also ignored if the revert is marked as deleted.
Technical design:
* The update code is in RevertedTagUpdate.php, which is a deferrable
update, but is not used as such. It's separated to allow for better DI,
testing and better code reusability in the future.
* The update is queued / ran using the Job subsystem. The relevant job
is in RevertedTagUpdateJob.php
* PageUpdater determines whether the edit is approved or not and passes
that to the DerivedPageDataUpdater.
* The BeforeRevertedTagUpdate hook lets extensions decide whether the
update should be ran right away or await approval.
* DerivedPageDataUpdater checks whether the edit is a revert and if so
either enqueues the job (if it's auto-approved) or caches the EditResult
for later use (if it needs approval).
* RevertedTagUpdateManager allows for easy re-enqueueing of the update
for extensions. Thus, it has a very minimal interface.
Other notes:
* The unit testing setup for RevertedTagUpdate is a bit complicated,
but it was the only way I could make this class testable while using
the static ChangeTags class.
Bug: T254074
Depends-On: I86d0e660f0acd51a7351396c5c82a400d3963b94
Change-Id: I70d5b29fec6b6058613f7ac2fb49f9fad9dc8da4
Update watchlist expiry language indicators (dropdowns, tooltips, watch
via star, watch via edit):
* Change "Permanently" to "Permanent"
* Change "XX days left" and "Expires in X days" to "XX days left in
watchlist"
* Update the "Click.." sentence by star to "Click to remove it."
* Change watch period for a page that is less than "1 day left" to "A
few hours left"
Bug: T253135
Bug: T255632
Change-Id: I114c6f77e86ad81b1810fedcd49f52c88700ca16
This aims to persist the EditResult object associated with reverts
in the ct_params field of change_tag table for revert tags. This can
be later used for analytics or when performing a delayed
RevertedTagUpdateJob (see T259103).
The code doing that has to be in the RecentChange class, as only it
knows the relevant rc_id and rev_id.
Bug: T259733
Change-Id: I365cf44484aa5bf907128a075fcff890649504c4
Extend the watchlist expiry clock icon from Special:Watchlist to
also be displayed on Special:RecentChanges for expiring watchlist
items.
Bug: T258310
Change-Id: I254570addd1835119c863639111bd5394cb4b697
This query was correctly excluding expired items from RC, but it
was failing to include them when the unwatched filter was set.
This is a follow-up to https://gerrit.wikimedia.org/r/c/mediawiki/core/+/602211
Bug: T252136
Change-Id: I5d43d746df21cc3674eb2e92c3f604b7c87b7d1a
For compliance with the new version of the table interface policy
(T255803).
This patch was created by an automated search & replace operation
on the includes/ directory.
Bug: T257789
Change-Id: I17e5e92e24c708ffc846945a136347670a3a20c7
Going through some more abstract classes in core, and
marking those that are extended by extensions as
stable.
I have limited knowledge on the uses of these classes so
marking for vibisility/review.
Bug: T247862
Change-Id: I1939bb11038ec2536eebbdbd12524e83d615b86b
Deprecating something means to say something nasty about it, or to draw
its character into question. For example, "this function is lazy and good
for nothing". Deprecatory remarks by a developer are generally taken as a
warning that violence will soon be done against the function in question.
Other developers are thus warned to avoid associating with the deprecated
function.
However, since wfDeprecated() was introduced, it has become obvious that
the targets of deprecation are not limited to functions. Developers can
deprecate literally anything: a parameter, a return value, a file
format, Mondays, the concept of being, etc. wfDeprecated() requires
every deprecatory statement to begin with "use of", leading to some
awkward sentences. For example, one might say: "Use of your mouth to
cough without it being covered by your arm is deprecated since 2020."
So, introduce wfDeprecatedMsg(), which allows deprecation messages to be
specified in plain text, with the caller description being optionally
appended. Migrate incorrect or gramatically awkward uses of wfDeprecated()
to wfDeprecatedMsg().
Change-Id: Ib3dd2fe37677d98425d0f3692db5c9e988943ae8
If a changeslist item has an expiry date, add a grey clock icon
after the page title, with a tooltip indicating when the item
expires.
Bug: T250212
Change-Id: I38f8c85321cf257eeea8de5a3bd73bbc0b5ea393
Done with `composer fix` and suppressing the rest (i.e. sniffs for
global variables, which for core should be suppressed anyway).
Additionally, add `-p` to `phpcbf`, as otherwise it just seems stuck.
Change-Id: Ide8d6cdd083655891b6d654e78440fbda81ab2bc
Migrate all callers of Hooks::run() to use the new
HookContainer/HookRunner system.
General principles:
* Use DI if it is already used. We're not changing the way state is
managed in this patch.
* HookContainer is always injected, not HookRunner. HookContainer
is a service, it's a more generic interface, it is the only
thing that provides isRegistered() which is needed in some cases,
and a HookRunner can be efficiently constructed from it
(confirmed by benchmark). Because HookContainer is needed
for object construction, it is also needed by all factories.
* "Ask your friendly local base class". Big hierarchies like
SpecialPage and ApiBase have getHookContainer() and getHookRunner()
methods in the base class, and classes that extend that base class
are not expected to know or care where the base class gets its
HookContainer from.
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Private $this->hookRunner. In some smaller classes where accessor
methods did not seem warranted, there is a private HookRunner property
which is accessed directly. Very rarely (two cases), there is a
protected property, for consistency with code that conventionally
assumes protected=private, but in cases where the class might actually
be overridden, a protected accessor is preferred over a protected
property.
* The last resort: Hooks::runner(). Mostly for static, file-scope and
global code. In a few cases it was used for objects with broken
construction schemes, out of horror or laziness.
Constructors with new required arguments:
* AuthManager
* BadFileLookup
* BlockManager
* ClassicInterwikiLookup
* ContentHandlerFactory
* ContentSecurityPolicy
* DefaultOptionsManager
* DerivedPageDataUpdater
* FullSearchResultWidget
* HtmlCacheUpdater
* LanguageFactory
* LanguageNameUtils
* LinkRenderer
* LinkRendererFactory
* LocalisationCache
* MagicWordFactory
* MessageCache
* NamespaceInfo
* PageEditStash
* PageHandlerFactory
* PageUpdater
* ParserFactory
* PermissionManager
* RevisionStore
* RevisionStoreFactory
* SearchEngineConfig
* SearchEngineFactory
* SearchFormWidget
* SearchNearMatcher
* SessionBackend
* SpecialPageFactory
* UserNameUtils
* UserOptionsManager
* WatchedItemQueryService
* WatchedItemStore
Constructors with new optional arguments:
* DefaultPreferencesFactory
* Language
* LinkHolderArray
* MovePage
* Parser
* ParserCache
* PasswordReset
* Router
setHookContainer() now required after construction:
* AuthenticationProvider
* ResourceLoaderModule
* SearchEngine
Change-Id: Id442b0dbe43aba84bd5cf801d86dedc768b082c7
* ProtectedHookAccessorTrait provides protected getHookContainer() and
getHookRunner() methods, getting them from the global service
container. The point of this is to ease migration to DI by ensuring
that call sites ask their local friendly base class rather than
getting a HookRunner from the service container directly.
* Migrate ChangesList and subclasses from Hooks::run() to the new system,
as a pilot for full migration.
Change-Id: Ic2d408fdb108087d81d0981aa670b35e0a6bb0ce
Add hook interfaces which were generated by a script which parses
hooks.txt and identifies caller namespaces and directories.
Hook interfaces are mostly placed in a Hook/ subdirectory
relative to the caller location. When there are callers in multiple
directories, a "primary" caller was manually selected. The exceptions to
this are:
* The source root, maintenance and tests, which use includes/Hook. Test
hooks need to be autoloadable in a non-test request so that
implementing test interfaces in a generic handler will not fail.
* resources uses includes/resourceloader/Hook
* The following third-level subdirectories had their hooks placed in
the parent ../Hook:
* includes/filerepo/file
* includes/search/searchwidgets
* includes/specials/forms
* includes/specials/helpers
* includes/specials/pagers
Parameters marked as legacy references in hooks.txt are passed
by value in the interfaces.
Bug: T240307
Change-Id: I6efe2e7dd1f0c6a3d0f4d100a4c34e41f8428720
Hard deprecation of passing Revision objects will follow soon,
but until that is ready core calls can be updated
There is some code cleanup that could be done around the calls, but
to simplify review no other changes are made.
Bug: T249561
Change-Id: Ifcfb3811650decffeaa87dc033c41fd1710b47a6
The change to ChangesList::revDateLink is not backwards compatible,
because the method was marked as @internal
Due to a breaking change in HistoryPager::revLink, and the fact that
it didn't have a visibility defined, it has been made private
Bug: T246284
Change-Id: I2f1309fda1c312a6cf634de48ad0bbcfcb2d83ae
Also updates CategoryMembershipChange to accept a RevisionRecord
instead of a Revision.
Bug: T246284
Change-Id: I30024b7278e108b0f4e20ef1eb44647916fad47c
This is a collection of random bits from my local stashes. This patch
intentionally only touches comments, no code.
Notably:
* Use more specific string[] instead of array, if possible.
* Some comments mention "or null", but miss to list the type.
Change-Id: I712b28964f125c8e3dcb4e3fb993757a09f96644
It uses $wgUser, but rather than adding a user parameter, the whole
method can just be deprecated and removed. All existing calls have
already been updated.
Bug: T245195
Change-Id: Id7d67cd69d87283cb88455593a4a183c4a5c7721
In all these cases, the foreach() loop specifies a variable for the
current value. We don't need two ways to access the same value. This
makes the code harder to read.
Change-Id: I6ed7a518439963b7091057194de993a7e977be32
Scalar casts are still allowed (for now), because there's a huge amount
of false positives. Ditto for invalid array offsets.
Thoughts about the rest: luckily, many false positives with array offsets
have gone. Moreover, since *Internal issues are suppressed in the base
config, we can remove inline suppressions.
Unfortunately, there are a couple of new issues about array additions
with only false positives, because apparently they don't take
branches into account.
Change-Id: I5a3913c6e762f77bfdae55051a395fae95d1f841
Repeating the variable name doesn't do anything. Documentation
generators don't need it. It's more stuff to read that doesn't add new
information. And it can become outdated.
Note there are two types of @var docs. When used inline (and not on a
class property) the variable name is needed.
Change-Id: If5a520405efacd8cefd90b878c999b842b91ac61
The contributions and history page was showing some semicolons in unexpected places.
These unwanted semicolons are now supressed by reverting to a new standalone element
in exactly the same place as the previous semicolon. This avoids the issue of
ordering that we hit before.
I have documented the behaviour of the semicolon separator in contribpager pages
My seemingly harmless change in Ic4508788299a13c4c830f447141d17d99ebe002e
For future generations I have encapsulated what I've learned in extensive
comments which seem important given the information I have acquired while
working on this patch.
Bug: T233649
Change-Id: I9723ead1815685a9cbcccf2c4e2f3ffff36dcee3
These were all checked with codesearch to ensure nothing is overriding
these methods.
For the most part, I've updated the signature to use nullable types; for
two Pager's, I've just made all parameters non-optional, because you're
already forced to pass them with a required parameter at the end.
Bug: T231636
Change-Id: Ie047891f55fcd322039194cfa9a8549e4f1f6f14
This patch fixes the documentation of newFromText and makeTitleSafe to
no longer state incorrectly that any Title they return is guaranteed to
be valid. That has never been true.
It also makes canExist() checks a lot stricter, to match the assumptions
of current callers, namely that the title can exist as a wiki page.
Finally, it replaces several existing calls to isValid() with calls to
canExist().
Bug: T229705
Change-Id: I2a483136ec6acca49afb5eb32cb94616672b8fb2
Entries such as "User creation log" on Special:RecentChanges can
be wrapped or not wrapped in parentheses
Bug: T219348
Change-Id: Ic764081497dbe8d6d9e5bff6f8a1ceeac4b306e2
This removes most of the pre-actor user and user_text columns, and the
$wgActorTableSchemaMigrationStage setting that used to determine
whether the columns were used.
rev_user and rev_user_text remain in the code, as on Wikimedia wikis the
revision table is too large to alter at this time. A future change will
combine that with the removal of rev_comment, rev_content_model, and
rev_content_format (and the addition of rev_comment_id and rev_actor).
ActorMigration's constructor continues to take a $stage parameter, and
continues to have the logic for handling it, for the benefit of
extensions that might need their own migration process. Code using
ActorMigration for accessing the core fields should be updated to use
the new actor fields directly. That will be done for in a followup.
Bug: T188327
Change-Id: Id35544b879af1cd708f3efd303fce8d9a1b9eb02
This allows us to remove many suppressions for phan false positives.
Bug: T231636
Depends-On: I82a279e1f7b0fdefd3bb712e46c7d0665429d065
Change-Id: I5c251e9584a1ae9fb1577afcafb5001e0dcd41c7
These filters provide a shortcut to see or highlight all entries associated
with a subject or a talk namespace.
They are defined as real filters on the client-side and are superset
of all other namespace filters.
They are expanded to the list of namespaces they represent on the server-side.
Bug: T201520
Change-Id: Id9e04a38c2d7c8165c27af98959aa5715225faa8
Log entries are wrapped with parenthesis - not hardcoded into HTML
causing stray brackets in Minerva where this element is floated.
Has no impact on other skins
In addition to this the entire log entry item is wrapped in a new
span mw-changeslist-log-entry to ensure the text is recognised
as a whole entity - on Minerva floats were leading to the action
and the action object being separated (e.g. uploaded and "File:Name
were separated
Bug: T229360
Change-Id: Idae997b15f68bb0dfcaa857f7458ba3497233d41
