Why:
* Echo stores agents by their user id or by the name if the user
is not registered. This works for IPs since the "event_agent_ip"
field has limit of 39 bytes (32× [0-9A-F] + 7× colon for IPv6).
* However, it's possible to hold a user identity that is not
an IP address, but the user name has not been or cannot be
registered (e.g., external users). Echo wouldn't validate this
and would attempt to insert the user name into "event_agent_ip",
possibly causing silent truncation and data corruption.
What:
* Do not let events with such agents be saved. For now, log an
error in the production. Wikibase, the only known source of this
problem, has already been fixed.
* In runtime, replace every possibly corrupted user name with
a placeholder to avoid unexpected null values and exceptions
in production.
Bug: T367638
Change-Id: Ic2bd218b10651d13da9e9aea54dd2d668a33d946
Depends-On: I03b4367355dc5a3fc0c14aad5fdf19fbcd0caa3d
Depends-On: I92eb93983e81708b289e9f7d837884d539dade0b
Implicitly marking parameter $... as nullable is deprecated in PHP
8.4. The explicit nullable type must be used instead.
Bug: T376276
Change-Id: I251cb37401c37242f493816b6f70ab61a64a4c32
Why:
* On wikis with lots of bot activity like Wikidata, there is a large
volume of edits which can potentially create an article-linked
notification. These notifications are now actually rarely sent
because they are disabled for bots (T318523). However, the event
record is always inserted into the database, with no reference to
it, bloating the database.
What:
* Do not unconditionally insert an event into the database when
Event::create is called. Pass it to downstream calls and have
it inserted when it's clear it will actually be needed (i.e.,
a notification is definitely going to be created).
* Pass the event's payload to the job queue instead of requiring
its ID. Introduce Event::newFromArray, which unlike ::loadFromRow
handles ::toDbArray values that haven't been inserted into
the database yet.
* Introduce Event::acquireId which ensures the event has been
inserted prior to returning its ID as well as it does not get
re-inserted.
Bug: T221258
Change-Id: I8b9a99a197d6af2845d85d9e35c6703640f70b91
Changes to the use statements done automatically via script
Addition of missing use statements done manually
Change-Id: Iad87245bf8082193be72f7e482f29e9f1bad11fc
Extensions should not a consumer of its own hooks,
just call the code before calling the hook.
In case of EchoGetBundleRules each extension should only handle it's
own event, so this is not a breaking change.
In case if EchoAbortEmailNotification the return false in the hook
handler already aborted further hooks, so this is not a breaking change.
Change-Id: I2715aa6499d01a1c1b3a27ff510b331eae0deca9
Singletons are bad, amongst other reasons, because they're never reset
in tests. They can therefore occasionally cause test failures if the
cached data stored in one of these singletons becomes stale.
As noted on the task, ideally these two classes shouldn't exist at all,
and core should be responsible for caching the information it deems
expensive to compute.
As a temporary (TM) workaround, make both classes actual services, so
that the setUp/tearDown logic in MediaWikiIntegrationTestCase can
properly reset them between tests.
Dependencies are intentionally not being injected, precisely because
these classes should just be deleted, not improved.
Bug: T344124
Change-Id: I58b8d9610f9447468235b94d25732528ab6acce6
Most notably, CatchableFatalErrorException and the code that throws it
are unused since Ic5712c4ce265b6faabce7a4028b4294fe3c73f18 (in 2016).
Bug: T328220
Change-Id: I5497347e41b21d2623b7e79bf7f977268a809c1d
