Commit graph

73 commits

Author SHA1 Message Date
libraryupgrader 66e8b6a46f build: Updating dependencies
composer:
* mediawiki/mediawiki-phan-config: 0.10.4 → 0.10.5

npm:
* ini: 1.3.5 → 1.3.7
  * https://npmjs.com/advisories/1589

Change-Id: I334074a31e68cdd8fb4f278fe279d6e1e11d78d6
2020-12-11 16:24:46 +00:00
Derk-Jan Hartman d65c61e49b Error message for formatNum should not refer to formatDate
These new error messages were referring to formatDate instead of
formatNum.

Change-Id: Ic20a5a5515ee55d46087449627138cc779909ec3
Follow-up: Ib7706ad40f7ee2da6ab7c6b2dab6ae8d129dab52
Bug: T268758
2020-11-26 14:12:15 +01:00
libraryupgrader 14046a6414 build: Updating mediawiki/mediawiki-phan-config to 0.10.4
Additionally, unbreak master build after core change T10327.

Change-Id: I8fb240c9b8291d907b857f17d6f4960a24de2ef7
2020-11-20 17:01:25 +00:00
C. Scott Ananian 078253bd06 library: Lua formatNum should check that the value is not infinity or NaN
The core formatNum method only works on strings which pass `is_numeric`,
not NaN and +/- infinity.

Bug: T267587
Change-Id: Ib7706ad40f7ee2da6ab7c6b2dab6ae8d129dab52
2020-11-16 17:44:17 +00:00
Tim Starling eb01c6ad22 Fix invalid UTF-8 in LuaSandbox profiler data
Bug: T228746
Change-Id: Idf5cd4ed230a40f6894ed7b435c28c9ec2764b9b
2020-11-10 15:13:27 +00:00
C. Scott Ananian 7ec0ebfb2a Format Scribunto Lua Preview Limit Report memory numbers in bytes
Makes it consistent with other entries

Bug: T263592
Change-Id: Icc303455feab27966480854ea1c055ceab864ee0
2020-11-05 13:43:27 -05:00
libraryupgrader 00fc2c3f1e build: Updating mediawiki/mediawiki-codesniffer to 33.0.0
The following sniffs are failing and were disabled:
* MediaWiki.Commenting.FunctionComment.ObjectTypeHintParam
* MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationPrivate
* MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationProtected
* MediaWiki.Commenting.PropertyDocumentation.MissingDocumentationPublic
* MediaWiki.Commenting.PropertyDocumentation.WrongStyle

Additional changes:
* Added the `wikimedia/mediawiki` profile in .eslintrc.json (T262222).
* Added the `wikimedia/jquery` profile in .eslintrc.json (T262222).
* Removed global `$`, included in the `wikimedia/jquery` profile (T262222).
* Removed global `mw`, included via `wikimedia/mediawiki` profile (T262222).
* Dropped the emtpy global definition in .eslintrc.json.

Change-Id: Ib0acbf92bcb8327ecd065db5db1083d7b222976c
2020-11-04 17:24:30 +00:00
Reedy b53689abde Fix double formatting of memory units
Bug: T263592
Change-Id: If8a71419d656530859552abaddeed66d5a9ddc4b
2020-10-23 19:46:57 +00:00
C. Scott Ananian 0cd8904842 Suppress phan false positives in LuaSandboxEngine::formatLimitData()
Most of this function deals with values for the single
scribunto-limitreport-profile key, where $value is an array of
strings.  Phan's security check plugin was getting confused because
*in general* the $value passed to a ParserLimitReportFormat hook can
be almost anything.

Change-Id: I0ef5ef71f00a92bd5db0df340725c88595fcb0c6
2020-10-23 17:02:23 +00:00
C. Scott Ananian 2bec230e3d Use Language::formatNumNoSeparators where appropriate
Avoids using the deprecated $noSeparators parameter to Language::formatNum
in favor of Language::formatNumNoSeparators, which has been around since
MW 1.21.

Change-Id: If3de5645a92514f605d4117fea3a820ed6c86624
2020-09-09 18:17:23 -04:00
libraryupgrader b9c82f4d4a build: Updating mediawiki/mediawiki-phan-config to 0.10.2
Additional changes:
* Removed phan-taint-check-plugin from extra, now inherited from mediawiki-phan-config.

Change-Id: I83fff3a5ff566790bc051d7bfffe7f3b124d3de7
2020-06-02 01:54:01 +00:00
Reedy aeaa5172b9 Fix PSR12.Properties.ConstantVisibility.NotFound
Bug: T253169
Change-Id: I50048f917c4b8cde4ebc002ed57f0e0afcf6e8c6
2020-05-30 01:32:16 +01:00
Brad Jorsch 34fc672f6d Add tests and type checking for mw.addWarning()
Testing was overlooked when this was added in Ibdd2506f.

Change-Id: Ie17020e3082668180dfa1d6532946891ea7951ea
2020-05-08 17:05:11 +00:00
DannyS712 c062595b01 Handle RevisionAccessException with try-catch
Failures caused by a9b073fc62

Bug: T252156
Change-Id: I703c2e0b13e79716f156e1c995fd139fbc68e321
2020-05-07 20:57:42 +00:00
DannyS712 a9b073fc62 Remove use of Parser::fetchCurrentRevisionOfTitle and Revision::getSha1
Use new fetchCurrentRevisionRecordOfTitle

Bug: T249384
Bug: T251233
Change-Id: I9a4974a990f8e4f7935cd8e38da918fd45a2282c
2020-04-28 09:34:26 +00:00
libraryupgrader 9facd741cc build: Updating dependencies
composer:
* mediawiki/mediawiki-codesniffer: 29.0.0 → 30.0.0

npm:
* eslint-config-wikimedia: 0.15.0 → 0.15.3
* grunt-stylelint: 0.14.0 → 0.15.0
* stylelint-config-wikimedia: 0.9.0 → 0.10.1

Change-Id: I684372efb0248862700184546a5172bfd6d81ae0
2020-04-22 19:07:11 +00:00
C. Scott Ananian e0837cfd46 Don't use deprecated Parser::OutputType()
Depends-On: I0b4d5f170216597afb259cedbb13b8028d284715
Change-Id: I70e0ecb201d5ffdc3ccb75caf552a1dee4ad9e60
2020-04-17 00:47:42 +00:00
Antoine Musso fda6a663aa Remove trailing newline from log messages
wfDebug() required a newline in the message. That is no need with
wfDebugLog() or with our PSR-3 logging interface.

Bug: T228848
Change-Id: Ieb3de1ab59174ec0e1301e42bccee6cebce8749f
2020-03-23 14:58:33 +00:00
Umherirrender 724c38c892 Use MediaWikiServices::getRepoGroup
This required MediaWiki 1.34

Change-Id: Ie7186b0729b54ef9a52b18bb6a2a2696dca6daed
2020-03-16 17:58:49 +00:00
Umherirrender 92587641dc Use MediaWikiServices::getContentLanguage()
This required MediaWiki 1.32

Change-Id: Iff717eba8f4fad1e80229ebcf317ceec81667846
2020-03-16 17:58:26 +00:00
DannyS712 fb850e853c Don't fall back to global $wgUser when creating ParserOptions
Pass a user when relevant, or use ParserOptions::newFromAnon()

Bug: T246861
Change-Id: I44adb6d5c037de2fb05573cde3c7356cb73e8b42
2020-03-07 02:33:24 +00:00
DannyS712 d1f6e793ee Stop using old deprecated SpecialPageFactory static functions
Bug: T245686
Change-Id: If4d166c9a95bb9381ea4de560168f5d9d683d6f5
2020-02-19 23:12:56 +00:00
Brad Jorsch 66f83331db Record vary-page-id when ID is accessed via mw.title
This triggers a needed reparse when a new page is created using a module
that accesses the page ID.

Bug: T237746
Change-Id: I5564c2e896dd2a025c5a886ca478c377fac83e74
2020-02-13 17:24:41 +00:00
libraryupgrader 7b2cda5591 build: Updating composer dependencies
* mediawiki/minus-x: 0.3.2 → 1.0.0
* jakub-onderka/php-console-highlighter: 0.3.2 → 0.4.0
* mediawiki/mediawiki-phan-config: 0.9.0 → 0.9.1

Change-Id: Ibdedddbf19eb4712c31c1b95024391ff013f73e8
2020-02-07 06:37:29 +00:00
Brad Jorsch 3a19bb8b0c Document a lot of methods
Clear up a bunch of phpcs ignores by documenting many methods.

Also remove Scribunto_LuaError::setLineMap(), which has apparently never
been used since it was added in Ia51f439e.

Change-Id: I763bcdbc7edbbb8e4600495a03acca3439fc0ec9
2020-01-17 23:03:03 +00:00
Umherirrender ef8aff71ec Use class name resolution to refer to class names
::class is validated by phan and avoids misspelled class names

Change-Id: I613d5df56fcee6099e4294f5c6df078aafad1210
2020-01-02 16:59:55 +00:00
libraryupgrader 3b2d40f28d build: Updating mediawiki/mediawiki-phan-config to 0.9.0
Depends-On: I9661ed8dd80cb827d7a1414c1eef952c0933a1f0
Change-Id: Ia34d9d9eade74cbb261dbfe4e39971de57cab888
2019-12-31 20:46:17 +00:00
Umherirrender 9c6f6f905a Split all classes in own files
Move autoload entries for test to TestAutoloadClasses key

Change-Id: Ie705db0e7225600b7b498cfa134733a65f1ae1c9
2019-12-21 10:20:18 +01:00
Umherirrender e83bc743ec Split classes in Base.php
Change-Id: Ie29a32aeb10cf23264481d3b0f5fb5096d49b60e
2019-12-18 19:06:57 +00:00
Umherirrender e70a548fbc build: Updating mediawiki/mediawiki-phan-config to 0.8.0
Bug: T235049
Change-Id: Ia8cb36d60d56eb899e96eacf7640d8da50c4adfe
2019-11-26 09:30:36 +00:00
Max Semenik d866df0ed8 Stop passing objects by reference
Bug: T193950
Change-Id: Ib18865bac35e52b52489fb0d501dfd0574906092
2019-11-15 19:23:28 +00:00
James D. Forrester a4f43da4d2 Drop use of wgParser, replaced in 1.32 and to be removed in 1.35
Bug: T160811
Change-Id: Ic18f8e3df636e092a2517a622cb3969ac048725e
2019-10-29 08:38:30 +00:00
Max Semenik 764847164a Replace trigger_error('') magic with error_clear_last()
Bug: T191247
Change-Id: I8bedd9c6df4648941c957d92fa8b0c8464f1d796
2019-10-28 14:08:55 +00:00
Brad Jorsch 0ee41431c2 Don't error if someone returns a built-in function from their module
This is getting close to the point of "don't do that, just wrap the
built-in". But since it's a regression in a recent patch, let's restore
the old behavior here.

Bug: T236092
Change-Id: Ieddc23d942bc91fd0246ae14d8a4af7719e3834f
2019-10-23 08:41:40 +00:00
Brad Jorsch 1617bb3deb Return correct frame from mw.getCurrentFrame in certain edge cases
When an #invoke is passed as an argument to another #invoke,
mw.getCurrentFrame() at module scope will return the wrong frame.

On the PHP side, we need to always reset the frame when processing
an #invoke, not just when there's no frame already. I don't remember why
I82dde43e wasn't done that way, but changing it doesn't make any tests
fail and Scribunto tends to have good tests.

On the Lua side, we need to do the same. The logic wih mw.getCurrentFrame()
using a global that gets stored, modified, and reset in several places
was getting confusing, so this patch reworks the logic to inject a
globalless mw.getCurrentFrame() into each #invoke's cloned environment
instead.

Bug: T234368
Change-Id: I8cb5bc4dc14c9b448c9f267e0539daa75e72af4c
2019-10-14 02:39:13 +00:00
Umherirrender fc7a6d5b5e Get GenderCache from MediaWikiServices
GenderCache::singleton is deprecated since 1.28
The service exists since 1.28, this extensions required 1.31

Change-Id: I3925f9ac2facc59cf37c82e16284e53c61abbc6e
2019-08-21 17:13:43 +00:00
libraryupgrader 8deabe62d4 build: Updating dependencies
composer:
* mediawiki/mediawiki-codesniffer: 24.0.0 → 26.0.0

npm:
* set-value: 2.0.0 → 2.0.1
  * https://npmjs.com/advisories/1012
  * CVE-2019-10747
* union-value: 1.0.0 → 1.0.1
  * https://npmjs.com/advisories/1012
  * CVE-2019-10747
* mixin-deep: 1.3.1 → 1.3.2
  * https://npmjs.com/advisories/1013
  * CVE-2019-10746
* lodash: 4.17.11 → 4.17.15
  * https://npmjs.com/advisories/1065
  * CVE-2019-10744

Change-Id: I8a6a2b4264a878c01d1d5a1b58ea59eb400f26a5
2019-08-03 04:53:01 +00:00
Ladsgroup 9bedee0604 Revert "Suppress wrong phan errors"
This reverts commit 0cfb5422dc.

Reason for revert: Not needed anymore and actually causing phan to fail on master

Change-Id: I2705489f9247e0d6741aaa04fe9c9800bcbda914
2019-07-28 14:14:41 +00:00
Amir Sarabadani 0cfb5422dc Suppress wrong phan errors
\BagOStuff::makeKey() and \BagOStuff::makeGlobalKey() can take
any number of arguments but phan gives out PhanParamTooMany
and this breaks master avoiding anything to be merged

Change-Id: I4b313606e03565182552d9c581feccabaa408022
2019-07-22 14:57:05 +00:00
Aaron Schulz e5097e6145 Use "vary-revision-sha1" over "vary-revision" in getContentInternal()
These allows for some chance of avoiding extra save parses.
Also add wfDebug() call to mention the vary-* flag.

Bug: T226432
Depends-on: Idcd30a3fa3f7012dac76ce8bbf46625453ae331f
Change-Id: Id3bc207382aac90bd63df2d83d6334aae9b2477d
2019-07-18 01:48:12 +00:00
James D. Forrester 9309269892 build: Upgrade phan-taint-check-plugin from 1.5.x to 2.0.1
Change-Id: I3aa1b3ee7de78c11b66fdce02686720587eb4f72
2019-07-11 08:13:40 +00:00
Brad Jorsch 164974c4b5 ustring: Replace UtfNormal hack with a different one
Ideally we'd just have composer.json require UtfNormal so we'd know
where it is and have an autoloader to load it for us, but that seems to
not be done in the world of MediaWiki extensions.

Previously we had been taking paths to the two data files from UtfNormal
and loading them into a stub class, but phan has started complaining
about the definition of the stub class colliding with the real UtfNormal.
So let's try loading the real UtfNormal\Validator and its data files.
Hopefully this continues to not try to pull in any other files via the
nonexistent autoloader.

Change-Id: I93baf20f0eef1892685e272793b4f99236e8c905
2019-06-11 00:09:15 +00:00
Brad Jorsch 2e79d0a719 mw.uri: Support IP-Literal syntax
RFC 3986 allows IPv6 literals (and future IP versions) by having the
"host" enclosed in brackets, like `http://[2001:db8::]`. mw.uri should
handle these appropriately.

Bug: T223267
Change-Id: I6f712b87bc376cf606c6c2ebbe80176037d6dddb
2019-05-19 07:55:29 +00:00
Holger Knust 6c231cbe4d Call method getText() instead of getNativeData()
Classes derived from TextContent support the getText method. The previously called method getNativeData is going to be deprecated.

Bug:  T155582
Change-Id: I550d2ecf2c4b71da17258af0c2306c1ca49806d3
2019-03-27 11:02:34 -04:00
Kunal Mehta 8328acb9b1 Upgrade to newer phan
Bug: T216940
Change-Id: If8c2027f6bb7b91504fb51a3d2668b6d929b5da1
2019-03-20 21:19:37 -07:00
Kunal Mehta 017d6a133b Fix @return for SiteLibrary::pagesInCategory()
If $which === '*', then it returns int[][].

Change-Id: If9204367ce7acf67625b343a35b61aba02dd6a31
2019-03-20 21:18:51 -07:00
Kunal Mehta c3d93b61e2 Use PHP 7 variadic params for LuaInterpreter::callFunction()
Change-Id: I3b32e73dcee6a92d91f29915a76dd4e83c080ada
2019-03-20 21:17:45 -07:00
Kunal Mehta f308135df3 Use PHP 7's ?? syntax
Change-Id: I768782b8acbc1776e29886d330358553675e272b
2019-03-20 21:16:08 -07:00
MGChecker 4bc7abb0ac Set "TemplateSandboxEditNamespaces" in extension.json
If TemplateStyles installed, then enable it in the Module namespace
by default. This change is analogous to I96d9601ff80c2d3eb052c01.

Since both extensions use the ContentHandlerDefaultModelFor hook, Scribunto
will check if the sanitized-css model has already been set, and if so, not
override it. If the page is in NS_MODULE, it will set the content model to
Scribunto, but allow further hooks to override it, in which case it is
expected that TemplateStyles would set it to sanitized-css.

Bug: T200914
Depends-On: I2fa9b822ee39bcc5f95a293c8c4aad4d53ede30a
Change-Id: I7a9b445accde35e4a5e7d13100c646f211d21afe
2019-01-15 09:39:30 -08:00
Kunal Mehta 237d059ea1 Add lua5.1 patch for CVE-2014-5461
For whenever anyone else has to recompile the binaries, it's easier if
the patch file is in git.

I copied it directly out of T72541, and verified with:
 patch -p1 < ../CVE-2014-5461.patch
in the lua5.1 source tree.

Change-Id: I714a9d55096d9b5d081cd3e54f3b2e6848dcafef
2019-01-08 21:33:47 -08:00