Thijs/wiki.techinc.nl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
wiki.techinc.nl/.phpcs.xml
Tim Starling 65b1b6b56a Remove $wgShellLocale, always use C 
$wgShellLocale was a flawed solution to the problem of locale
dependence. MediaWiki has its own concept of locale (the Language
hierarchy) and any kind of dependence on the server's libc locale is
incorrect and harmful, leading to bugs. Developers have an expectation
that functions like strtolower() will work in a certain way, and
respecting the locale set in the environment at install time violates
this expectation.

The problems with using C as a locale, which led to $wgShellLocale, are:

* escapeshellarg() will strip non-ASCII characters. This can be worked
  around by not using it. The security vulnerability it was trying to
  fix can be prevented in another way.
* Shell commands like rsvg will fail to correctly interpret UTF-8
  arguments. This is the reason for the putenv(). On Linux, this can
  be fixed by using C.UTF-8, which we didn't know at the time. On
  Windows, the problem is not relevant (there are unrelated issues
  with UTF-8 arguments).

Bug: T291234
Change-Id: Ib5ac0e7bc720dcc094303a358ee1c7bbdcfc6447
2021-09-24 17:25:01 -07:00

238 lines
12 KiB
XML
Raw Blame History

<?xml version="1.0"?>
<ruleset name="MediaWiki">
<rule ref="./vendor/mediawiki/mediawiki-codesniffer/MediaWiki">
<exclude name="MediaWiki.Commenting.FunctionComment.MissingDocumentationPrivate" />
<exclude name="MediaWiki.Commenting.FunctionComment.MissingDocumentationProtected" />
<exclude name="MediaWiki.Commenting.FunctionComment.MissingDocumentationPublic" />
<exclude name="MediaWiki.Commenting.FunctionComment.WrongStyle" />
<exclude name="MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationPrivate" />
<exclude name="MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationProtected" />
<exclude name="MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationPublic" />
<exclude name="MediaWiki.Commenting.PropertyDocumentation.MissingVar" />
<exclude name="MediaWiki.Commenting.PropertyDocumentation.SpacingAfter" />
<exclude name="MediaWiki.Commenting.PropertyDocumentation.WrongStyle" />
<exclude name="MediaWiki.ControlStructures.AssignmentInControlStructures.AssignmentInControlStructures" />
<exclude name="MediaWiki.NamingConventions.LowerCamelFunctionsName.FunctionName" />
<exclude name="MediaWiki.Usage.DbrQueryUsage.DbrQueryFound" />
<exclude name="MediaWiki.Usage.DeprecatedGlobalVariables.Deprecated$wgTitle" />
<exclude name="MediaWiki.Usage.DeprecatedGlobalVariables.Deprecated$wgVersion" />
<exclude name="MediaWiki.Usage.ExtendClassUsage.FunctionConfigUsage" />
<exclude name="MediaWiki.Usage.ExtendClassUsage.FunctionVarUsage" />
<exclude name="MediaWiki.Usage.ForbiddenFunctions.is_resource" />
<exclude name="MediaWiki.Usage.ForbiddenFunctions.passthru" />
<exclude name="MediaWiki.Usage.SuperGlobalsUsage.SuperGlobals" />
<exclude name="MediaWiki.WhiteSpace.SpaceBeforeSingleLineComment.NewLineComment" />
<exclude name="PSR2.Classes.PropertyDeclaration.Multiple" />
</rule>
<rule ref="MediaWiki.NamingConventions.PrefixedGlobalFunctions">
<properties>
<!--
maintenance/language/transstat.php
* showUsage
maintenance/mcc.php
* mccGetHelp
* mccShowUsage
maintenance/storage/moveToExternal.php
* moveToExternal
maintenance/storage/resolveStubs.php
* resolveStub
* resolveStubs
tests/phpunit/includes/HooksTest.php
* NothingFunction
* NothingFunctionData
tests/qunit/data/styleTest.css.php
* cssfilter
-->
<property name="ignoreList" type="array" value="cssfilter,mccGetHelp,mccShowUsage,moveToExternal,NothingFunction,NothingFunctionData,resolveStub,resolveStubs,showUsage" />
</properties>
</rule>
<rule ref="MediaWiki.NamingConventions.ValidGlobalName">
<properties>
<property name="ignoreList" type="array" value="$IP" />
</properties>
</rule>
<rule ref="MediaWiki.NamingConventions.ValidGlobalName.allowedPrefix">
<exclude-pattern>*/maintenance/doMaintenance\.php</exclude-pattern>
<exclude-pattern>*/maintenance/mergeMessageFileList\.php</exclude-pattern>
<exclude-pattern>*/maintenance/CommandLineInc\.php</exclude-pattern>
<exclude-pattern>*/tests/phpunit/MediaWikiIntegrationTestCase\.php</exclude-pattern>
</rule>
<rule ref="Generic.Classes.DuplicateClassName.Found">
<exclude-pattern>*/includes/libs/rdbms/dbal/MWPostgreSqlPlatformCompat\.php</exclude-pattern>
</rule>
<rule ref="Generic.Files.LineLength">
<exclude-pattern>*/languages/messages/*</exclude-pattern>
</rule>
<rule ref="MediaWiki.Files.ClassMatchesFilename.NotMatch">
<!--
Continue to allow existing violations, but enable the sniff to prevent
any new occurrences.
-->
<exclude-pattern>*/includes/specials/SpecialMostimages\.php</exclude-pattern>
<exclude-pattern>*/includes/specials/SpecialMovepage\.php</exclude-pattern>
<exclude-pattern>*/includes/specials/SpecialUserrights\.php</exclude-pattern>
<exclude-pattern>*/includes/specials/SpecialWantedfiles\.php</exclude-pattern>
<exclude-pattern>*/includes/specials/SpecialWantedpages\.php</exclude-pattern>
<exclude-pattern>*/maintenance/benchmarks/bench_HTTP_HTTPS\.php</exclude-pattern>
<exclude-pattern>*/maintenance/benchmarks/bench_Wikimedia_base_convert\.php</exclude-pattern>
<exclude-pattern>*/maintenance/benchmarks/bench_delete_truncate\.php</exclude-pattern>
<exclude-pattern>*/maintenance/benchmarks/bench_if_switch\.php</exclude-pattern>
<exclude-pattern>*/maintenance/benchmarks/bench_utf8_title_check\.php</exclude-pattern>
<exclude-pattern>*/maintenance/cleanupTitles\.php</exclude-pattern>
<exclude-pattern>*/maintenance/edit\.php</exclude-pattern>
<exclude-pattern>*/maintenance/findDeprecated\.php</exclude-pattern>
<exclude-pattern>*/maintenance/getText\.php</exclude-pattern>
<exclude-pattern>*/maintenance/importDump\.php</exclude-pattern>
<exclude-pattern>*/maintenance/install\.php</exclude-pattern>
<exclude-pattern>*/maintenance/jsparse\.php</exclude-pattern>
<exclude-pattern>*/maintenance/lag\.php</exclude-pattern>
<exclude-pattern>*/maintenance/language/StatOutputs\.php</exclude-pattern>
<exclude-pattern>*/maintenance/language/date-formats\.php</exclude-pattern>
<exclude-pattern>*/maintenance/mysql\.php</exclude-pattern>
<exclude-pattern>*/maintenance/parse\.php</exclude-pattern>
<exclude-pattern>*/maintenance/preprocessorFuzzTest\.php</exclude-pattern>
<exclude-pattern>*/maintenance/rebuildImages\.php</exclude-pattern>
<exclude-pattern>*/maintenance/renderDump\.php</exclude-pattern>
<exclude-pattern>*/maintenance/shell\.php</exclude-pattern>
<exclude-pattern>*/maintenance/sql\.php</exclude-pattern>
<exclude-pattern>*/maintenance/term/MWTerm\.php</exclude-pattern>
<exclude-pattern>*/maintenance/update\.php</exclude-pattern>
<exclude-pattern>*/maintenance/userOptions\.php</exclude-pattern>
<exclude-pattern>*/maintenance/view\.php</exclude-pattern>
<!-- Language converters use the pattern of 2 classes in one file -->
<exclude-pattern>*/languages/*</exclude-pattern>
<!-- Skip violations in some tests for now -->
<exclude-pattern>*/tests/parser/*</exclude-pattern>
<exclude-pattern>*/tests/phpunit/maintenance/*</exclude-pattern>
<exclude-pattern>*/tests/phpunit/bootstrap\.php</exclude-pattern>
<exclude-pattern>*/tests/phpunit/phpunit\.php</exclude-pattern>
</rule>
<rule ref="MediaWiki.Files.ClassMatchesFilename.WrongCase">
<!--
Continue to allow existing violations, but enable the sniff to prevent
any new occurrences.
-->
<exclude-pattern>*/maintenance/language/alltrans\.php</exclude-pattern>
<exclude-pattern>*/maintenance/language/digit2html\.php</exclude-pattern>
<exclude-pattern>*/maintenance/language/langmemusage\.php</exclude-pattern>
<exclude-pattern>*/maintenance/mctest\.php</exclude-pattern>
<exclude-pattern>*/maintenance/mergeMessageFileList\.php</exclude-pattern>
<exclude-pattern>*/maintenance/mwdocgen\.php</exclude-pattern>
<exclude-pattern>*/maintenance/rebuildall\.php</exclude-pattern>
<exclude-pattern>*/maintenance/rebuildmessages\.php</exclude-pattern>
<exclude-pattern>*/maintenance/rebuildrecentchanges\.php</exclude-pattern>
<exclude-pattern>*/maintenance/rebuildtextindex\.php</exclude-pattern>
<exclude-pattern>*/maintenance/storage/checkStorage\.php</exclude-pattern>
<exclude-pattern>*/maintenance/storage/recompressTracked\.php</exclude-pattern>
<exclude-pattern>*/maintenance/storage/trackBlobs\.php</exclude-pattern>
<!-- Skip violations in some tests for now -->
<exclude-pattern>*/tests/phpunit/unit/includes/GlobalFunctions/*</exclude-pattern>
<exclude-pattern>*/tests/phpunit/includes/GlobalFunctions/*</exclude-pattern>
<exclude-pattern>*/tests/phpunit/maintenance/*</exclude-pattern>
<exclude-pattern>*/tests/phpunit/integration/includes/GlobalFunctions/*</exclude-pattern>
</rule>
<rule ref="Generic.PHP.NoSilencedErrors.Discouraged">
<!--
Our normal policy of using Wikimedia\AtEase does not always make sense tests.
AtEase cannot be cleanly used in tests that also use expectException() as
the restoreWarnings() call would never be reached:
$this->expectException( PasswordError::class );
AtEase::suppressWarnings();
$password->crypt( 'whatever' );
AtEase::restoreWarnings();
The above will stop at crypt(), as expected, and leave AtEase in a dirty
state for unrelated tests.
TODO: Stop using PHPUnit TestCase directly. Require with a structure test
or with a high-level check in our run() hook, that all test cases use either
MediaWikiUnitTestCase or MediaWikiIntegrationTestCase. Otherwise the check
in MediaWikiTestCaseTrait can still be bypassed and cause a random failures.
-->
<exclude-pattern>*/tests/*</exclude-pattern>
</rule>
<rule ref="Generic.Files.OneObjectStructurePerFile.MultipleFound">
<!--
Continue to allow existing violations, but enable the sniff to prevent
any new occurrences.
-->
<exclude-pattern>*/includes/libs/rdbms/dbal/MWPostgreSqlPlatformCompat\.php</exclude-pattern>
<exclude-pattern>*/maintenance/dumpIterator\.php</exclude-pattern>
<exclude-pattern>*/maintenance/findDeprecated\.php</exclude-pattern>
<exclude-pattern>*/maintenance/storage/recompressTracked\.php</exclude-pattern>
<exclude-pattern>*/maintenance/preprocessorFuzzTest\.php</exclude-pattern>
<exclude-pattern>*/maintenance/language/StatOutputs\.php</exclude-pattern>
<exclude-pattern>*/maintenance/language/generateCollationData\.php</exclude-pattern>
<exclude-pattern>*/maintenance/term/MWTerm\.php</exclude-pattern>
<!-- Language converters use the pattern of 2 classes in one file -->
<exclude-pattern>*/languages/*</exclude-pattern>
<!-- We don't care that much about violations in tests -->
<exclude-pattern>*/tests/*</exclude-pattern>
</rule>
<rule ref="PSR2.Methods.MethodDeclaration.Underscore">
<exclude-pattern>*/includes/StubObject\.php</exclude-pattern>
<exclude-pattern>*/includes/StubGlobalUser\.php</exclude-pattern>
<exclude-pattern>*/includes/StubUserLang\.php</exclude-pattern>
</rule>
<rule ref="MediaWiki.Usage.AssignmentInReturn.AssignmentInReturn">
<exclude-pattern>*/tests/phpunit/*</exclude-pattern>
</rule>
<rule ref="MediaWiki.Usage.ForbiddenFunctions.popen">
<!--
Continue to allow existing violations, but enable the sniff to prevent
any new occurrences.
-->
<exclude-pattern>*/includes/GlobalFunctions\.php</exclude-pattern>
<exclude-pattern>*/includes/libs/filebackend/FSFileBackend\.php</exclude-pattern>
<exclude-pattern>*/maintenance/includes/SevenZipStream\.php</exclude-pattern>
<exclude-pattern>*/maintenance/populateImageSha1\.php</exclude-pattern>
</rule>
<rule ref="MediaWiki.Usage.ForbiddenFunctions.proc_open">
<!--
Continue to allow existing violations, but enable the sniff to prevent
any new occurrences.
-->
<exclude-pattern>*/includes/export/DumpPipeOutput\.php</exclude-pattern>
<exclude-pattern>*/includes/resourceloader/ResourceLoaderImage\.php</exclude-pattern>
<exclude-pattern>*/includes/shell/Command\.php</exclude-pattern>
<exclude-pattern>*/maintenance/includes/TextPassDumper\.php</exclude-pattern>
<exclude-pattern>*/maintenance/mysql\.php</exclude-pattern>
<exclude-pattern>*/maintenance/storage/recompressTracked\.php</exclude-pattern>
<exclude-pattern>*/tests/parser/editTests\.php</exclude-pattern>
</rule>
<rule ref="MediaWiki.Usage.ForbiddenFunctions.shell_exec">
<!--
Continue to allow existing violations, but enable the sniff to prevent
any new occurrences.
-->
<exclude-pattern>*/maintenance/mwdocgen\.php</exclude-pattern>
<exclude-pattern>*/maintenance/updateCredits\.php</exclude-pattern>
</rule>
<rule ref="MediaWiki.Usage.ForbiddenFunctions.system">
<!--
Continue to allow existing violations, but enable the sniff to prevent
any new occurrences.
-->
<exclude-pattern>*/maintenance/mwdocgen\.php</exclude-pattern>
</rule>
<rule ref="MediaWiki.Commenting.MissingCovers.MissingCovers">
<exclude-pattern>*/tests/phpunit/structure/*</exclude-pattern>
</rule>
<rule ref="Generic.Arrays.DisallowShortArraySyntax">
<!--
T273340: Rule not to be enabled on any other file.
PHPVersionCheck.php requires syntax to be old PHP compatible.
The rest should therefore use [] rather than array() as per the
MediaWiki style guide.
-->
<include-pattern>includes/PHPVersionCheck\.php</include-pattern>
</rule>
<file>.</file>
<arg name="encoding" value="UTF-8"/>
<arg name="extensions" value="php"/>
<exclude-pattern type="relative">^(extensions|skins)/*</exclude-pattern>
<exclude-pattern>LocalSettings(-installer)?\.php</exclude-pattern>
</ruleset>
Reference in a new issue View git blame Copy permalink