wikimedia/mediawiki-extensions-AbuseFilter

Fork 0

mirror of https://gerrit.wikimedia.org/r/mediawiki/extensions/AbuseFilter.git synced 2024-11-13 17:27:20 +00:00

Commit graph

Author	SHA1	Message	Date
libraryupgrader	5377ebe819	build: Updating dependencies composer: * mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0 npm: * postcss: 7.0.35 → 7.0.36 * https://npmjs.com/advisories/1693 (CVE-2021-23368) Change-Id: I2b382f3bb236fb44eb24c6a257b13b8fd886541c	2021-07-21 18:51:18 +00:00
DannyS712	71bf9faf49	SECURITY: Avoid database for MediaWiki:Abusefilter-blocker fallback If the content language is English and the message is invalid as a username, or the content language is not English and both the content language version and the English version are invalid, the user in FilterUser would not be created - now, avoid the onwiki version of the English message in the fallback, so it could only be invalid if the default in the i18n files was invalid. Bug: T284364 Change-Id: I9e9f44b7663e810de70fb9ac7f6760f83dd4895b	2021-07-01 17:35:54 -05:00
Daimona Eaytoy	cbea88f818	Add a service to retrieve the filter user Unfortunately, this isn't using DI completely, because of the User::newSystemUser call. I'm not even sure if we really need to call it or we can just stick to new UserIdentityValue, but leaving like this for now. Also, the types were weakened to UserIdentity, so the transition is going to be easy anyway. Change-Id: I08f8fae0fcc622ff0ac3f86771476d06d1c18549	2020-10-26 14:06:53 +01:00

Author

SHA1

Message

Date

libraryupgrader

5377ebe819

build: Updating dependencies

composer:
* mediawiki/mediawiki-codesniffer: 36.0.0 → 37.0.0

npm:
* postcss: 7.0.35 → 7.0.36
  * https://npmjs.com/advisories/1693 (CVE-2021-23368)

Change-Id: I2b382f3bb236fb44eb24c6a257b13b8fd886541c

2021-07-21 18:51:18 +00:00

DannyS712

71bf9faf49

SECURITY: Avoid database for MediaWiki:Abusefilter-blocker fallback

If the content language is English and the message is invalid as
a username, or the content language is not English and both the
content language version and the English version are invalid, the
user in FilterUser would not be created - now, avoid the onwiki
version of the English message in the fallback, so it could only
be invalid if the default in the i18n files was invalid.

Bug: T284364
Change-Id: I9e9f44b7663e810de70fb9ac7f6760f83dd4895b

2021-07-01 17:35:54 -05:00

Daimona Eaytoy

cbea88f818

Add a service to retrieve the filter user

Unfortunately, this isn't using DI completely, because of the
User::newSystemUser call. I'm not even sure if we really need to call it
or we can just stick to new UserIdentityValue, but leaving like this for
now.
Also, the types were weakened to UserIdentity, so the transition is
going to be easy anyway.

Change-Id: I08f8fae0fcc622ff0ac3f86771476d06d1c18549

2020-10-26 14:06:53 +01:00

3 commits