As documented, string.gub( 'foo', '%a', '%1' ) should raise an invalid
capture index error because there is no capture with index 1 in the
pattern. But in fact it treats %1 as %0 in this situation. The ustring
library should match this behavior.
This patch also adds some tests for the behavior of gsub with table and
function replacements when the pattern does have captures.
Bug: T207623
Change-Id: Ie3e6c2eafa4a05989815c62c7037167642581751
This patch updates the scribunto extension so all old http links
to wikimedia are now https.
Bug: T189687
Change-Id: I3f030063e7c6277abd3b0458eaf4b973145afed2
Its a command line script, so echoing is not an XSS. It can
do malicious things if given a malicious command line argument,
but that is by design
The last remaining phan-taint-check warning is due to a bug
in the plugin.
Bug: T202380
Change-Id: I19a07f741980a7e4d5e8458395c67523d240d221
The $options parameter to ScribuntoContent::fillParserOutput() is
typehinted as `ParserOptions` and is not nullable, so the code path for
`!$options` will never be reached.
Also fix the @param doc to match.
Bug: T194263
Change-Id: I254a583b7f7ddd1797aa40f0ddfb973161185a49
The following sniffs are failing and were disabled:
* MediaWiki.Usage.ForbiddenFunctions.popen
* MediaWiki.Usage.ForbiddenFunctions.proc_open
* MediaWiki.Usage.ForbiddenFunctions.shell_exec
Change-Id: I39e352194565a5526c1a8a34992c028fb305b03b
If the replacement table or function results in a value that isn't a
string or number (or nil), string.gsub raises an error. Have ustring
raise the same error.
Bug: T195326
Change-Id: Ic36f9f5d7adc0c14e7a4a94d3747335107acd8b6
Manually import LuaSandbox's git repository as a composer dependency to
provide the PHP stubs for phan.
Change-Id: I6226b9211f31d829da5a2775c6f5cf3599dd8ebc
The class existence check Scribunto used to tell apart current and
B/C versions of SyntaxHighlight does not work with recent versions.
This caused the B/C branch to be invoked unnecessarily, which
resulted in deprecation warnings.
Also, the supposedly non-B/C branch also invoked B/C code which has
no error handling.
The commit removes B/C support and adds a new way of interacting with
SyntaxHighlight.
Bug: T109873
Change-Id: I2d518b5412efbe4e8ddb43e7c465ea55dc44b1a3
normalization-data.lua is updated to Unicode 8.0.0 (libicu57).
charsets.lua is updated to match the character classes used by PCRE 8.35,
which seems to be Unicode 6.3.0.
upper.lua and lower.lua are still based on whatever ancient version of
Unicode is used by mb_strtoupper and mb_strtolower in HHVM 3.18.6.
Bug: T177498
Change-Id: I00b471176e1fd21123c22d187ff222928819e459