Jayprakash12345 [Sat, 30 Jun 2018 13:20:44 +0000 (18:50 +0530)]
Fix $magicWords for the Sanskrit language
Bug: T102320
Change-Id: I4ef78dc7a41916a9af6aa259de455e3948662913
(cherry picked from commit
eb741da7a18c7f52dc2e2b55c4f34e69362b5c7f)
Brad Jorsch [Thu, 29 Nov 2018 14:03:20 +0000 (09:03 -0500)]
User: Bypass repeatable-read when creating an actor_id
When MySQL is using repeatable-read transaction isolation (which is the
default), the following sequence of events can occur:
1. Request A: Begin a transaction.
2. Request A: Try to select the actor ID for a user. Find no rows.
3. Request B: Insert an actor ID for that user.
4. Request A: Try to insert an actor ID for the user. Fails because one
exists.
5. Request A: Try to select the actor ID that must exist. Fail because of
the snapshot created at step 2.
In MySQL we can avoid this issue at step #5 by using a locking select
(FOR UPDATE or LOCK IN SHARE MODE), so let's do that.
Bug: T210621
Change-Id: I6c1d255fdd14c6f49d2ea9790e7bd7d101e98ee4
(cherry picked from commit
37f48fdb25a78ba7623c57b50cdfd842292d3ccb)
Brad Jorsch [Fri, 21 Sep 2018 18:32:34 +0000 (14:32 -0400)]
Add join conditions to ActiveUsersPager
We're (very slowly and somewhat unofficially) moving towards using join
conditions everywhere, and here they're needed to avoid errors once the
actor migration reaches the READ_NEW stage.
Bug: T204767
Change-Id: I8bfe861fac7874f8938bed9bfac3b7ec6f478238
(cherry picked from commit
15441cabe60d84e17ffb25824aeb095d92bc375a)
Alexia E. Smith [Thu, 15 Nov 2018 16:09:15 +0000 (10:09 -0600)]
Update git submodules
* Update extensions/ParserFunctions from branch 'REL1_31'
to
a28ad04eeefa05a16264e67537ba118bd67576d4
- Fix E_WARNING with {{#pos:}} if the offset is larger than the string
The mb_strpos() function throws E_WARNING if the offset is longer
than the length of the string.
Bug: T209600
Change-Id: Ib4296ba136eaf5c8461681e9d5f108118b2494f4
(cherry picked from commit
cf1480cb9629514dd4400b1b83283ae6c83ff163)
jenkins-bot [Wed, 19 Dec 2018 12:30:23 +0000 (12:30 +0000)]
Merge "i18n: Clarify the default sidebar 'Help' link is about MediaWiki itself" into REL1_31
Amir Sarabadani [Tue, 18 Dec 2018 17:55:13 +0000 (18:55 +0100)]
Fix copy-paste error
It's actually adding the column on the wrong table
Change-Id: I2fd8ea50f3eb4b5da04fce2ea0348a2dc6329965
Andre Klapper [Thu, 29 Nov 2018 10:09:34 +0000 (11:09 +0100)]
i18n: Clarify the default sidebar 'Help' link is about MediaWiki itself
Enough users of third-party MediaWiki installations seem to think it is a
link to a help forum for the topic of that installation, and not for
MediaWiki.
Bug: T209335
Change-Id: I6614b7a5c06de3ffca7ddbb10ea75450e7c6f183
(cherry picked from commit
ac0a3f17cf46b7733fcc1d0cef65febb1d04b7b6)
jenkins-bot [Tue, 18 Dec 2018 05:45:47 +0000 (05:45 +0000)]
Merge "Upgrade wikimedia/ip-set to 1.3.0" into REL1_31
jenkins-bot [Tue, 18 Dec 2018 05:45:41 +0000 (05:45 +0000)]
Merge "Use our fork of less.php" into REL1_31
Kunal Mehta [Tue, 18 Dec 2018 04:13:14 +0000 (20:13 -0800)]
Update git submodules
* Update vendor from branch 'REL1_31'
to
5c8dde3a1611b701e28678b36a878c4e3cecfeb7
- Upgrade wikimedia/ip-set to 1.3.0
Change-Id: Ib749ec9aae5aeb3fad8232ecbea749530e0408a2
Kunal Mehta [Tue, 18 Dec 2018 04:09:56 +0000 (20:09 -0800)]
Update git submodules
* Update vendor from branch 'REL1_31'
to
a48c47a029213b44e032b8dcdd4795876cfc93a8
- Switch to our less.php fork
Bug: T206975
Change-Id: I01e0b3328c8e1c4a69c37a471e436acd8911f1fa
Kunal Mehta [Tue, 18 Dec 2018 04:14:25 +0000 (20:14 -0800)]
Upgrade wikimedia/ip-set to 1.3.0
Bug: T209756
Depends-On: Ib749ec9aae5aeb3fad8232ecbea749530e0408a2
Change-Id: I7f5625924baea822f2679115278a3d7a02a72d57
Kunal Mehta [Tue, 18 Dec 2018 04:12:14 +0000 (20:12 -0800)]
Use our fork of less.php
Supports PHP 7.3, among other things
Bug: T206975
Depends-On: I01e0b3328c8e1c4a69c37a471e436acd8911f1fa
Change-Id: I8edcd9316cbff40aee3d52c7295f5974ee2f44b0
Brad Jorsch [Tue, 4 Dec 2018 16:08:08 +0000 (11:08 -0500)]
ImageListPager: Actor migration for buildQueryConds()
This method got missed in I8d825eb0.
Bug: T211061
Change-Id: Ice7446e54a42cbf48eae2a2092862a722650086c
(cherry picked from commit
86b081aa4100bfde2c4903c16fd593f485954326)
rvogel [Mon, 3 Dec 2018 10:48:08 +0000 (11:48 +0100)]
Save value from CLI installers `--lang` argument
This way the value of `--lang` is available to `LocalSettingsGenerator`.
Bug: T210998
Change-Id: I8b6bd83603687e4d23fc7e0642c3b8f27157b62d
(cherry picked from commit
996ac9f61e34db8b5d50ca9574a021e422cf9030)
James D. Forrester [Fri, 30 Nov 2018 23:16:20 +0000 (15:16 -0800)]
RELEASE-NOTES-1.31: Add in other cherry-picks since 1.31.1 was cut
Gone through `git log --topo-order --no-merges --reverse 1.31.1..`
from
1f664ea4 to
7a6393fc (HEAD as of writing); re-worded a couple,
grouped the PHP version work together, and skipped a couple which
were just follow-up tweaks or test fixes to ones already in the list.
Change-Id: Ic04998209348abf73eefb1cad404700da91457ed
Bartosz Dziewoński [Wed, 1 Aug 2018 01:13:18 +0000 (03:13 +0200)]
LogFormatter: Fail softer when trying to link an invalid titles
Old log entries contain titles that used to be valid, but now are not.
Bug: T185049
Change-Id: Ia66d901aedf1b385574b3910b29f020b3fd4bd97
(cherry picked from commit
26bb9d9b23eb2075eefca2097ca393a9d4aa3264)
Seb35 [Tue, 20 Nov 2018 14:25:09 +0000 (15:25 +0100)]
SQL syntax error in MS-SQL file
Bug: T209870
Change-Id: I91e4f8472832c4bb17eb1d185db1bcbde57a9287
(cherry picked from commit
e1100d2d53baa71d20cc282b6dc0a950b080aaad)
Paladox [Mon, 19 Nov 2018 21:29:44 +0000 (21:29 +0000)]
Use $revQuery['joins'] in query in populateSearchIndex
Bug: T209885
Change-Id: Iaf53179535030064788eb107c4ebdd398ed306e4
RazeSoldier [Sat, 10 Nov 2018 07:32:34 +0000 (15:32 +0800)]
Update git submodules
* Update extensions/LocalisationUpdate from branch 'REL1_31'
to
8ac18feceb9bf298a65c4e27d29cd458e4bc061a
- Use "break" instead of "continue" inside a switch
"continue" statements in a switch are equivalent to "break". In PHP 7.3, will generate a warning.
Bug: T206976
Change-Id: I7e28a59918edbbcc741a64c6c0ed2a55bd650384
(cherry picked from commit
fa93fda37e308a83e3211f53c8f828b5c3482c07)
Derk-Jan Hartman [Wed, 14 Nov 2018 20:01:22 +0000 (21:01 +0100)]
Update git submodules
* Update extensions/WikiEditor from branch 'REL1_31'
to
dca935d7de870eb5352788c0537c172b574f1475
- Modules: Protect against loading modules twice
Bug: T189029
Change-Id: Ie0dff9c1dfa8e3a0927f2915a9a237dff739289a
(cherry picked from commit
0161e37e6e67ac6eb76fbc0bea4f299e17fcdda2)
David Causse [Tue, 6 Nov 2018 13:35:03 +0000 (14:35 +0100)]
Add test for completionSearch with wgCapitalLinkOverrides
Bug: T208255
Change-Id: Id2299a013b2dc9b5391d400d7c7c4dc37185f714
David Causse [Tue, 6 Nov 2018 14:52:08 +0000 (15:52 +0100)]
Completion search should not change the search query
when extracting the namespace
Bug: T208255
Change-Id: I98206bda9a32e12acc7e515c3396fa823c3cd4f3
Niklas Laxström [Wed, 24 Oct 2018 08:33:04 +0000 (10:33 +0200)]
Update git submodules
* Update extensions/LocalisationUpdate from branch 'REL1_31'
to
bdf7b30dbada29938bd92ee6b9370a45d0ecac61
- Handle exceptions from GitHubFetcher
If a l10n directory is not found, log a message but continue.
This commit introduces some output to normal update.php run, which
can be disabled with the --quiet switch.
Bug: T176390
Change-Id: Ic1001303aef859d325e307edd4348364cab9ed7d
(cherry picked from commit
db84ba6ed2b4e255c844171db545fa451da08e1f)
addshore [Mon, 24 Sep 2018 08:25:53 +0000 (09:25 +0100)]
composer.json, require ext-fileinfo
PHPVersionCheck requires fileinfo be installed for mime_content_type
Change-Id: Iea7d2c7842c770e77c05265d4f4b08b17f9ab71f
(cherry picked from commit
139bf5bc7b66c83bd5a27d4fc6806ddaebe3f188)
Jack Phoenix [Fri, 13 Jul 2018 03:33:10 +0000 (06:33 +0300)]
Don't throw E_NOTICEs about undefined properties
Bug: T199494
Change-Id: Id24b9ece76ca0bedcaac29f1a6f5567af78658c1
(cherry picked from commit
83164669a140717797953f07baaf0b3239689017)
jenkins-bot [Mon, 22 Oct 2018 22:03:54 +0000 (22:03 +0000)]
Merge "Update wikimedia/base-convert to 2.0.0" into REL1_31
Kunal Mehta [Mon, 22 Oct 2018 18:17:22 +0000 (11:17 -0700)]
Update git submodules
* Update vendor from branch 'REL1_31'
to
5f60e30d272ea5327b407e625b4398952d49f8cf
- Update wikimedia/base-convert to 2.0.0
Bug: T194052
Change-Id: I4de5c0ab827c96e2cef4e0b2cd7d10a109393668
(cherry picked from commit
2f3707a143c1ef3bbe69d57fa724ae9dc6541d0e)
Kunal Mehta [Mon, 22 Oct 2018 18:17:40 +0000 (11:17 -0700)]
Update wikimedia/base-convert to 2.0.0
The breaking change is dropping PHP 5 support.
Bug: T194052
Depends-On: I4de5c0ab827c96e2cef4e0b2cd7d10a109393668
Change-Id: If39ea5274bfa3c9b0ce18f9a43a27445a90ea3fc
(cherry picked from commit
bb2d81c3a47e1fb1266b6f0352bb89b786ea9235)
jenkins-bot [Mon, 22 Oct 2018 15:18:08 +0000 (15:18 +0000)]
Merge "Upgrade wikimedia/remex-html to 2.0.1" into REL1_31
Kunal Mehta [Sun, 21 Oct 2018 05:10:45 +0000 (22:10 -0700)]
Update git submodules
* Update vendor from branch 'REL1_31'
to
48fed251a916a78bf5bff4f38fc9c1131ee21f4f
- Upgrade wikimedia/remex-html to 2.0.1
Bug: T207088
Change-Id: Id4bbbdb68678c37ec4aa84d519516199bb800393
(cherry picked from commit
48f274d9cc6b2e8d4961c831e1cc81c4edba6689)
jenkins-bot [Mon, 22 Oct 2018 15:18:02 +0000 (15:18 +0000)]
Merge "Upgrade wikimedia/remex-html to 2.0.0" into REL1_31
Kunal Mehta [Tue, 14 Aug 2018 20:38:26 +0000 (13:38 -0700)]
Update git submodules
* Update vendor from branch 'REL1_31'
to
78271def9b2b28e6f176ca470f23e24526ff2c5c
- Upgrade wikimedia/remex-html to 2.0.0
Change-Id: Ie13945649314853cbd5707363f3a10da55752743
(cherry picked from commit
1f29509a937d9ac7c6c0b876928307828a697fa9)
jenkins-bot [Mon, 22 Oct 2018 02:14:00 +0000 (02:14 +0000)]
Merge "RemexCompatMunger: Don't call endTag() in case B/b" into REL1_31
jenkins-bot [Mon, 22 Oct 2018 02:11:41 +0000 (02:11 +0000)]
Merge "<ins>/<del> elements can be phrasing or flow" into REL1_31
Kunal Mehta [Sun, 21 Oct 2018 05:12:14 +0000 (22:12 -0700)]
Upgrade wikimedia/remex-html to 2.0.1
Bug: T207088
Depends-On: Id4bbbdb68678c37ec4aa84d519516199bb800393
Change-Id: Ia5822f5f283f5d935c78402ce71e2d010e9a7a91
(cherry picked from commit
a404d87418bb332deab92fa7189b999d1c0c410c)
Kunal Mehta [Tue, 14 Aug 2018 20:38:37 +0000 (13:38 -0700)]
Upgrade wikimedia/remex-html to 2.0.0
Depends-On: Ie13945649314853cbd5707363f3a10da55752743
Change-Id: Ib6c8aaa797c128c273cde8095eb0bb1527fc0e21
(cherry picked from commit
9cac6c5645cbde9c48a4fac43c8dfdd977bb200f)
Tim Starling [Mon, 6 Aug 2018 02:30:51 +0000 (12:30 +1000)]
RemexCompatMunger: Don't call endTag() in case B/b
This was naïve, the linked bug documents a case where endTag() was
called despite children of the p-wrap still being in TreeBuilder's
stack. Instead, wait for the parent of the p-wrap to have endTag()
called on it, I've submitted a patch which will clean up the node in
that case.
Bug: T200827
Change-Id: I34694813eace9cadabf2db8f9ccca83d1368cfad
(cherry picked from commit
10c8cfea305ec1d450b16ad54ebddb5f910016f4)
Arlo Breault [Thu, 12 Jul 2018 18:31:04 +0000 (14:31 -0400)]
<ins>/<del> elements can be phrasing or flow
The changes to the parserTests.txt highlight the differing opinions that
doBlockLevels and Remex had on whether these should be paragraph wrapped.
Since the only time they wouldn't have been was when found on a line
with other flow tags, this likely isn't a behaviour that was depended on
in practice. And, indeed, the task describes this as a bug.
A sampling of pages from an insource:/\<(ins|del)\>/ search on wiki bears
this out.
Bug: T17491
Change-Id: I311da777a63aa3c45013f2cfc090be35a022497e
(cherry picked from commit
5a7f860b7859146d006d09c29f542be835165870)
Brian Wolff [Thu, 27 Sep 2018 11:42:37 +0000 (11:42 +0000)]
SECURITY: Don't allow loading unprotected JS files
This is meant to protect against malicious people while avoiding
annoying good users as much as possible. We may want to restrict
this further in the future, but that's something that can be discussed
in the normal way.
Bug: T194204
Bug: T113042
Bug: T112937
Change-Id: I27e049bae78b5c0f63b10f454b740cb1dc394813
Brian Wolff [Tue, 15 May 2018 00:34:14 +0000 (00:34 +0000)]
SECURITY: Disallow loading JS/CSS/Json subpages from unregistered users and log
Loading JS from an unregistered user's JS subpage is a severe
security risk as someone could potentially register that account
and then modify the JS.
Bug: T207603
Change-Id: I741736e12b0ed49e95f22c869a2b53e2c97b31f0
jenkins-bot [Sun, 21 Oct 2018 17:33:31 +0000 (17:33 +0000)]
Merge "Don't pass a MailAddress pass the email to mail()" into REL1_31
jenkins-bot [Sun, 21 Oct 2018 15:59:47 +0000 (15:59 +0000)]
Merge "Update ImportableUploadRevisionImporter for interwiki usernames" into REL1_31
jenkins-bot [Sun, 21 Oct 2018 15:59:42 +0000 (15:59 +0000)]
Merge "installer: Don't link to the obsolete "Extension Matrix" page" into REL1_31
Brad Jorsch [Wed, 17 Oct 2018 15:26:51 +0000 (11:26 -0400)]
Database: Allow selectFieldValues() to accept SQL fragments
The documentation says "This must be a valid SQL fragment", but as
written it breaks if given anything other than a field name. It's easy
enough to fix by adding an alias to the internal select() call.
Bug: T201781
Change-Id: I76428af6d3aadc266254fdb24109a0ac2db3761f
(cherry picked from commit
c5a5b022400318e52638a4d34369ddbb74d7a21b)
Zoranzoki21 [Sat, 29 Sep 2018 00:06:23 +0000 (03:06 +0300)]
installer: Don't link to the obsolete "Extension Matrix" page
Bug: T205765
Change-Id: Id1ba965c7c06ce03611ba745421dc982f5393f8c
(cherry picked from commit
8b7b5f04b7c84ffd2cda3aae06513a8e4fca6128)
Reedy [Sat, 20 Oct 2018 12:37:15 +0000 (13:37 +0100)]
Don't pass a MailAddress pass the email to mail()
Bug: T207541
Change-Id: I1516023907e9773cb093010c6b67279f695abb1a
(cherry picked from commit
c57aacb782f5ce5e53253192a53d736ece300d3c)
Kunal Mehta [Sat, 20 Oct 2018 12:35:22 +0000 (05:35 -0700)]
Include IP address in "Login for $1 succeeded" log entry
Bug: T207540
Change-Id: Iab4f2f2ddc8e64ead2f33356d03fa7beed399415
Brad Jorsch [Tue, 16 Oct 2018 14:47:44 +0000 (10:47 -0400)]
Update ImportableUploadRevisionImporter for interwiki usernames
This was somehow missed in I5401941c.
Bug: T206013
Change-Id: Ia618b05329e6cbfca7c95d9161f12ba4150705c8
(cherry picked from commit
afb2578055b49f3fe523cf9314f75d63bac4786b)
Brad Jorsch [Tue, 16 Oct 2018 14:22:33 +0000 (10:22 -0400)]
Add session_write_close() calls to SessionManager tests
PHP 7.3 doesn't like it if session_id() is called when the session has
been started, so we need to be sure to close it first in a few tests.
Bug: T207112
Change-Id: Ief36c1bb7b5c9066f158b5bb0d6d785a7f7ddd3c
(cherry picked from commit
6698b7ea1d63fbd2e3014bf563c3ad9e937bc8dd)
Aryeh Gregor [Mon, 8 Oct 2018 18:04:12 +0000 (21:04 +0300)]
Output only to stderr in unit tests
Otherwise, session tests don't work in PHP 7.2 because headers are
already sent: https://bugs.php.net/bug.php?id=75628
Bug: T206476
Change-Id: Ie88db4a61a56b756c6445d2579a2f30da22c3ee8
Aryeh Gregor [Mon, 8 Oct 2018 17:10:36 +0000 (20:10 +0300)]
Suppress "Headers already sent" in PHP 7.2 too
The "h" is now capitalized, so we need to update the regex.
Change-Id: I1111e1228868ec66d930c7a3b0d7972e5c6356b9
(cherry picked from commit
1572f3b1b89abc958da6a7d131553e3b67953403)
Aaron Schulz [Sat, 26 May 2018 00:29:17 +0000 (17:29 -0700)]
Avoid PHP 7.2 warnings in DBConRefTest about count() on non-Countable
Change-Id: Ida81bf998b462f2f6bb2b708df1f15bbc1933db1
(cherry picked from commit
b172aff090b7c59c2f602931d469cf3ac5e9e74a)
Edward Chernenko [Mon, 18 Jun 2018 22:53:52 +0000 (01:53 +0300)]
Fix PHP warnings "preg_replace(): [...] invalid range in character class"
This was spotted when running tests on Travis (PHP 7.3 nighly, trusty).
Two expressions inside preg_replace() contained non-escaped "-" inside [],
where this "-" meant an actual "-" character.
The warning is because "-" has special meaning inside [] ("a-z" for range),
and things like [\w-.] are considered "invalid range".
Solution is to escape "-" like this: [\w\-.]
Change-Id: I41cc217081f00f54d957b6d8052ee209412f5ff6
(cherry picked from commit
d88e924b6e5a7d529c471980e14f72430a94e546)
Kunal Mehta [Mon, 15 Oct 2018 07:17:38 +0000 (00:17 -0700)]
LocalisationCache: Avoid use of compact()
In PHP 7.3, compact() now raises notices if the variable is undefined, which
is something that we expect. So we can check whether the key exists instead
of bothering with compat() and suppressing warnings.
Bug: T206979
Change-Id: I612049db4debd850a2e6d10bc631d31aa17be898
(cherry picked from commit
d0463178dfa09b79b3a08fee939da1beed030824)
RazeSoldier [Mon, 15 Oct 2018 15:58:26 +0000 (23:58 +0800)]
Use "break" instead of "continue" inside a switch
"continue" statements in a switch are equivalent to "break". In PHP 7.3, will generate a warning.
Bug: T206974
Change-Id: I54bcec013ff52ab81bff09f8f7ef02f3944a5b7d
(cherry picked from commit
f3b012b51f492155cd7acf4d7f641cd43147bfc0)
RazeSoldier [Mon, 15 Oct 2018 10:35:36 +0000 (18:35 +0800)]
Update git submodules
* Update extensions/ParserFunctions from branch 'REL1_31'
to
f2c63e5062c136d756d5d4378a722385e4b0149c
- Use "break" instead of "continue" inside a switch
"continue" statements in a switch are equivalent to "break". In PHP 7.3, will generate a warning.
Also change the indentation.
Bug: T206977
Change-Id: I8ad0ef6508e73bcca7dabfe2e88d661dd409bdfb
(cherry picked from commit
d258457e018bfa157bf4b782efed8c160ec40545)
RazeSoldier [Thu, 23 Aug 2018 16:18:07 +0000 (00:18 +0800)]
Use "break" instead of "continue"
"continue" statements are equivalent to "break". In PHP 7.3, will generate a
warning.
Bug: T200595
Change-Id: I244ecb2e1ce5a76295f014fb1becd8d263196846
(cherry picked from commit
24ffbd9bd182944daa8b12244b729562cd5f50db)
jenkins-bot [Fri, 12 Oct 2018 00:32:25 +0000 (00:32 +0000)]
Merge "Remove deprecated pear/mail_mime-decode from composer dependancies" into REL1_31
Reedy [Thu, 11 Oct 2018 20:54:58 +0000 (21:54 +0100)]
Update git submodules
* Update vendor from branch 'REL1_31'
to
86a1bbc0ab0fe0a4a750b48a1f76baa48ed013b1
- Remove pear/mail_mime-decode
Code isn't PHP 7 compatible, and rotted. Useful code seems to have
been merged into pear/mail
Bug: T109121
Change-Id: Iaaba6985526e95699fe24e7fbc64817d3dd9ebaf
Reedy [Thu, 11 Oct 2018 20:42:15 +0000 (21:42 +0100)]
Remove deprecated pear/mail_mime-decode from composer dependancies
Bug: T109121
Change-Id: I198e39e77d54bf3edd0ebf08403c6623d6092fd4
Reedy [Thu, 11 Oct 2018 18:20:30 +0000 (19:20 +0100)]
Load installer i18n when running update.php
Bug: T206765
Change-Id: Ie1c1a5dbf7c905eaca55777448e5aba00267ed31
(cherry-picked from
a8408122fd7982ec1f6f380288c887298ba07045)
Mark A. Hershberger [Tue, 24 Jul 2018 16:36:46 +0000 (12:36 -0400)]
Add pear/Net_SMTP 1.7.3 to composer dependencies
Bug: T200254
Change-Id: I231759a1e0bd5b8750939acaad85ed327d052b79
Brad Jorsch [Thu, 26 Apr 2018 18:52:12 +0000 (14:52 -0400)]
Fix typo in postgres patch-drop-ar_text.sql
I18f1c740 was cherry-picked to REL1_31 but it was broken.
Before that got merged to REL1_31, this was already in master,
but apparently that was missed when cherry-picking.
This should have made 1.31-rc.2.
Bug: T205967
Change-Id: I6d479d123848325b8501275ef4b98fc81cd99505
(cherry picked from commit
7e685a395d4a6e69d904c03f6e847b18795217a9)
Kunal Mehta [Wed, 26 Sep 2018 04:44:50 +0000 (21:44 -0700)]
Document removal of CologneBlue & Modern from the tarball
Worth noting as a pre-upgrade thing, as trying to run the updater will fail
unless it's disabled or downloaded separately.
Reported by <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909589>.
Change-Id: I5ea6dc65d683dfceaa25104ca59f2f56c1ab1884
Brad Jorsch [Tue, 18 Sep 2018 16:01:32 +0000 (12:01 -0400)]
WatchedItemStore::countVisitingWatchersMultiple() shouldn't query all titles when asked for none
If a caller gives an empty array for $targetsWithVisitThresholds, per
the documentation it should be expecting an empty array in return, not a
count of watchers for every title in the database.
Bug: T204729
Change-Id: I0f25fae301450d077bb30597281aaef0fba209d4
(cherry picked from commit
f5469d36602cb2a95396830b14e9a631d698f3a6)
Kunal Mehta [Mon, 3 Sep 2018 08:11:17 +0000 (01:11 -0700)]
Bump 1.31.1
Change-Id: I4f1dbc9ddf6daa9e67a08908d0c04db876493b84
Kunal Mehta [Fri, 20 Jul 2018 20:29:14 +0000 (22:29 +0200)]
SECURITY: Don't exclude .htaccess files from `git archive`
Bug: T199029
Change-Id: I7ada3dddc4f5f7f2800882ccc9c73c8494f7fac9
Brian Wolff [Sun, 13 May 2018 19:37:09 +0000 (19:37 +0000)]
SECURITY: Do not allow botpassword login if account locked.
Reported by Rxy
Bug: T194605
Change-Id: Ib41005e69ab4db6f849837de12f0d41398b58f9a
Chad Horohoe [Tue, 13 Mar 2018 18:43:30 +0000 (18:43 +0000)]
SECURITY: Make 'newbie' limit in $wgRateLimits really override 'user' limit
The order of operations was incorrect.
Bug: T169545
Change-Id: Ia910aa2a494914d3b0017daac9ab294ea9fa8705
Jayprakash12345 [Wed, 22 Aug 2018 18:53:05 +0000 (00:23 +0530)]
UsersPager: Fix typo in formDescriptor array
Bug: T202550
Change-Id: I06c6cf596ab0f159ad6a50251788ff3917125ae7
(cherry picked from commit
eee4385869fab8d1b5dde7bd3f6520ed880ef673)
Tim Starling [Wed, 1 Aug 2018 01:30:49 +0000 (11:30 +1000)]
Fix pingback on non-MySQL
MySQL has its own implementation of upsert(), but the others rely on
$uniqueIndexes being a field list, not a field/value associative array.
The previous code generated an SQL error when checking for existing
values.
Bug: T200864
Change-Id: Ifb56f7f350fbb84144bc6f5a1dd76939816338a6
(cherry picked from commit
ba54f7f90dce0e06ff3c4ad1ec141362f10be9a9)
Aaron Schulz [Wed, 15 Aug 2018 01:44:40 +0000 (18:44 -0700)]
Make ExternalStoreDB "wiki" context override the server "dbname" field
This is all that is needed for b/c and going beyond that can break
foreign wiki (domain) external store access if matching per-wiki DB
names *are* used for external store.
Follow up to
92e4ace7eae61.
Bug: T200471
Change-Id: I877139ff659f542da04d4d8f5ef3297dbfcfd734
Aaron Schulz [Sun, 12 Aug 2018 10:14:54 +0000 (03:14 -0700)]
Use LB server configuration to force DB domains in ExternalStorageDB
This is for backwards-compatibility for pre
14ee3f210782 external store
configuration that relied on not using the main wiki DB name(s).
(cherry-picked from
92e4ace7eae612ce0fa040e02d932516c4d99712)
Bug: T200471
Change-Id: Ie60cae64e32ff2532565cbd79c8e084634a61cce
Tim Starling [Wed, 1 Aug 2018 00:18:08 +0000 (10:18 +1000)]
Fix total breakage of SQLite web upgrade
Partial revert of
8d61cf2793abd2, since LBFactoryTest.php passes without
overriding selectDB() in the current master. It's unclear why it was necessary.
Bug: T200861
Change-Id: I7c0560d7890616899297f81a227db98996d5cb7f
(cherry picked from commit
7584bf22fb2bda3c66ecf50c1edaad904ee1a649)
Sam Wilson [Sat, 30 Jun 2018 07:55:47 +0000 (15:55 +0800)]
Guard against uncountable tag values
As of PHP 7.2 counting false or null raises a "Warning: count(): Parameter must be an array or an object that implements Countable".
Bug: T182377
Bug: T196793
Change-Id: I7ca38bc55ae04f68106fe0d27c7d496da1538459
(cherry picked from commit
61af022e5f8e06c2588a8fc3fd003f52bdb85b08)
Matěj Suchánek [Sun, 29 Jul 2018 09:54:45 +0000 (11:54 +0200)]
Treat all time values on Special:Watchlist as floats
PHP division may return float or int, depending on the operands. [1]
Make sure all numbers are of the same type (floats), because
XmlSelect compares values with ===.
[1] http://php.net/manual/en/language.operators.arithmetic.php
Bug: T199566
Change-Id: I37df6fd425f47d9a4562d83e04fcb50c3b97e0da
(cherry picked from commit
4b75063d0eafeb9260f177cde782156a81b56f6b)
Brad Jorsch [Wed, 13 Jun 2018 13:51:57 +0000 (09:51 -0400)]
PHPSessionHandler: Suppress warnings in initialize()
PHP 7.2 has gotten strict about calling various session-related methods
after headers were sent. Even in CLI mode where there are no headers to
send in the first place. Silence these warnings.
Bug: T197030
Change-Id: Idaabf1320c56e0d6c26387f03af05f32e1496a1c
(cherry picked from commit
701854b3ebc3c2b06067823395a7d95e8984cfda)
Aaron Schulz [Thu, 14 Jun 2018 00:14:23 +0000 (17:14 -0700)]
rdbms: disable ChronologyProtector if EmptyBagOStuff is used
Bug: T197206
Change-Id: Ic07634224fac1ae72d1ba20176c028fdda5ba415
jenkins-bot [Wed, 18 Jul 2018 10:26:57 +0000 (10:26 +0000)]
Merge "Avoid arithmetics on localized number string ("0,04") in SpecialWatchlist" into REL1_31
Florian Schmidt [Fri, 15 Jun 2018 15:51:22 +0000 (17:51 +0200)]
registration: Use the correct key for skin dependencies
Instead of using "skin" to check for skin dependencies, extension registration
now uses the correct key "skins" (from the schema).
Bug: T197478
Change-Id: I382fc79229e1406786f444192e6e3e3bde44d224
(cherry picked from commit
0f7e760334df920adca5f6340814ba028b95dae0)
petarpetkovic [Thu, 24 May 2018 22:27:21 +0000 (00:27 +0200)]
Insert space before compatibility link in PHP version message
Change-Id: Ia056ba7f9eddbcf31082c7b2f7a64e7dbf02cba4
(cherry picked from commit
6da2a437e3ce62652c5e5a0d631be36908eee369)
Brad Jorsch [Tue, 10 Jul 2018 18:13:58 +0000 (14:13 -0400)]
SpecialChangeEmail: Log email changes
Bug: T151415
Change-Id: Icc403be286f87a591ebc9d3e07d84b09f8b87713
Edward Chernenko [Sun, 1 Jul 2018 02:10:56 +0000 (05:10 +0300)]
Avoid arithmetics on localized number string ("0,04") in SpecialWatchlist
In SpecialWatchlist::cutoffselector(), values like 1/24 or 6/24 are cast
to string via strval(). However, in some locales (e.g. ru_RU.utf8) strval
will return a localized form of the number, e.g. "0,04" instead of "0.04".
This "0,04" is then used in arithmetic operations, where it's treated as 0,
resulting in "0 hours" being shown instead of "1 hour", "2 hours", etc.
Bug: T198501
Change-Id: Iaa4e6170b30a7bb9ce0f22d9d2cc4772b0faa3b8
(cherry picked from commit
6b240c699eb1e965dad3c51107566f1f27ed1887)
Kunal Mehta [Sun, 24 Jun 2018 20:55:43 +0000 (23:55 +0300)]
GitInfo: Don't try shelling out if it's disabled
Bug: T198037
Change-Id: I364f9bc0e78439474101f4b2a171805c91f50a72
(cherry picked from commit
d503ac7c9433a36358b1db27c6365167ea869832)
Brad Jorsch [Fri, 4 May 2018 13:35:55 +0000 (09:35 -0400)]
BotPasswords: Indicate when a password needs reset
Certain things, such as changing the account's main login credentials,
causes all bot passwords to be invalidated. This state should be
indicated in Special:BotPasswords, and the API when login fails.
Bug: T193829
Change-Id: Ib12929fed861742c9f2f76702c9ac3254e8a5d97
(cherry picked from commit
ff6b4cb35c1944870fcd3cc525884790c20819b3)
Sam Wilson [Mon, 23 Apr 2018 03:55:24 +0000 (11:55 +0800)]
Add 'logid' parameter to Special:Log
Make it possible to get a URL for a single log entry,
as an alternative to using Special:Redirect/logid/123.
The existing single-log-entry link of Special:Redirect/logid/123
is also simplified to be a redirect to this new parameter.
Bug: T191608
Bug: T187638
Change-Id: I5f2e52531cd2ba617a25570e40aa8c5168e284d9
(cherry picked from commit
8e04e60113272d498070e51ff2b50412ae7a9234)
Brad Jorsch [Wed, 9 May 2018 19:14:38 +0000 (15:14 -0400)]
SECURITY: Special:BotPasswords should reauthenticate
More specifically, it should reauthenticate when creating a bot password
or resetting the password. But we may as well do it for all accesses.
Bug: T194237
Change-Id: I9a38a3109492753fff1f33c0f280e5b0f1fc1a76
Brad Jorsch [Tue, 3 Jul 2018 15:59:18 +0000 (11:59 -0400)]
Fix error in various deprecated selectFields() methods
When aliasing a field to null, it has to be aliased to the string 'NULL'
rather than PHP null.
Bug: T198687
Change-Id: I6096f306b97022da781eaabeb15e502f391673a9
(cherry picked from commit
377ce5a469476a0ec68a6f03e3f5714eb40caeff)
Aaron Schulz [Mon, 25 Jun 2018 20:14:08 +0000 (21:14 +0100)]
Avoid bad method call to patchPatch() in DbTestRecorder
Bug: T193995
Change-Id: Ibc480b04463792b7cd720a6eb080e0960a30e440
(cherry picked from commit
ec3289524e33fd93c9dc51c2a0ddffc24068583a)
Jayprakash12345 [Wed, 20 Jun 2018 16:38:40 +0000 (22:08 +0530)]
Correct $specialPageAliases for sa.wiki
Bug: T102320
Change-Id: I10bf5a0039235a5b149dcea6bd62176d3763acf9
(cherry picked from commit
8d963e6a93bd9bbcb6d817de8b2a06947583e3e8)
Edward Chernenko [Mon, 25 Jun 2018 22:45:13 +0000 (01:45 +0300)]
Fix PHP7 warning "non well formed numeric value encountered"
PHP 7.1 warns when non-numeric string is implicitly cast to integer.
Change-Id: Ia46ea793e9495548c7d421b3372f6deaeda163f5
(cherry picked from commit
0a4a274b6255cc543df459f16902c1619697068f)
Edward Chernenko [Tue, 19 Jun 2018 23:43:01 +0000 (02:43 +0300)]
Update git submodules
* Update skins/MonoBook from branch 'REL1_31'
to
53a78553e4b6cb091df318bf70291330f1425429
- Missing 'class' in "newtalk" notification
MonoBookTemplate incorrectly calls getIfExists() for newtalk/undelete:
attributes of wrapper <div> must be under the 'parameters' key.
Change-Id: I5392477d493174b0b5598927bfbcec2029b0987e
(cherry picked from commit
73ad6a7835b587035e127d32d4667ba16e43ad03)
Paladox [Sat, 16 Jun 2018 21:27:22 +0000 (21:27 +0000)]
Update git submodules
* Update skins/Timeless from branch 'REL1_31'
to
6860d4d96db3bfcc92172f08ddfe4a2344229937
- Fix sidebar closing on iOS
this follows this fix [1]
[1] https://stackoverflow.com/questions/
11397028/document-click-function-for-touch-device
Bug: T161470
Change-Id: I20e6a0e18a239131b94e4ab949b7784f241e4d40
Isarra [Wed, 13 Jun 2018 20:52:32 +0000 (20:52 +0000)]
Update git submodules
* Update skins/Timeless from branch 'REL1_31'
to
2126f76540981047f072d672be5c15475a2556cf
- Remove nonfunctional jquery mobile stuff
Does not appear to work, and is possibly breaking things elsewise as
well. In particular: chrome text selection in general, possibly iphone
support?
May or may not resolve the following; please test (does seem to
effectively resolve T183215, for now, at least, but dunno at all about
the other two.):
Bug: T161470
Bug: T183215
Bug: T188387
Change-Id: I2d4aae98fe47bce5a873bc44b6cea58f111f5086
MarcoAurelio [Thu, 14 Jun 2018 11:00:20 +0000 (13:00 +0200)]
Add Extension:Nuke submodule to REL1_31
Bug: T197229
Change-Id: I6dad2c00c7480894beeaf8979b8d66f4cc32cc89
Chad Horohoe [Wed, 13 Jun 2018 15:33:16 +0000 (11:33 -0400)]
Bump to 1.31.0 for final release
Change-Id: Ie743443584e2c7a3aac2d185de1c3cb2eeca80b6
Kunal Mehta [Tue, 12 Jun 2018 01:11:08 +0000 (18:11 -0700)]
Add release notes for
0eb4eaefd3 and
f7f71359
Change-Id: Ie139db2f178660aa42009661716290158d60c8fc
(cherry picked from commit
1f286e8d4019e7712916060ecb8dd00ff04fdc7b)
jenkins-bot [Tue, 12 Jun 2018 00:54:54 +0000 (00:54 +0000)]
Merge "parser: Validate $length in padleft/padright parser functions" into REL1_31
Kunal Mehta [Sun, 10 Jun 2018 18:09:07 +0000 (11:09 -0700)]
parser: Validate $length in padleft/padright parser functions
$length is user input, so cast it to an int before passing it to min().
If there is nothing to add at that point, return immediately.
In PHP 7.1+ this raised a warning of "A non-numeric value encountered"
because min() will return the junk value, returning a string. Then we
try and subtract an int from it (return value of mb_strlen()),
triggering the warning.
Added a parser test to verify the behavior, and confirmed that it
triggers warnings without the patch.
Bug: T180403
Change-Id: I614750962104f6251a864519035366ac9798fc0f
(cherry picked from commit
dc96f656affd1f8fab0ae72b0d96e77055e5b336)
dépôts / lhc / web / wiklou.git / log