$this->compatChecks();
} else {
$this->output( "Skipping compatibility checks, proceed at your own risk (Ctrl+C to abort)\n" );
- wfCountDown( 5 );
+ $this->countDown( 5 );
}
// Check external dependencies are up to date
# This will vomit up an error if there are permissions problems
$db = $this->getDB( DB_MASTER );
+ # Check to see whether the database server meets the minimum requirements
+ /** @var DatabaseInstaller $dbInstallerClass */
+ $dbInstallerClass = Installer::getDBInstallerClass( $db->getType() );
+ $status = $dbInstallerClass::meetsMinimumRequirement( $db->getServerVersion() );
+ if ( !$status->isOK() ) {
+ // This might output some wikitext like <strong> but it should be comprehensible
+ $text = $status->getWikiText();
+ $this->error( $text, 1 );
+ }
+
$this->output( "Going to run database updates for " . wfWikiID() . "\n" );
if ( $db->getType() === 'sqlite' ) {
/** @var IMaintainableDatabase|DatabaseSqlite $db */
if ( !$this->hasOption( 'quick' ) ) {
$this->output( "Abort with control-c in the next five seconds "
. "(skip this countdown with --quick) ... " );
- wfCountDown( 5 );
+ $this->countDown( 5 );
}
$time1 = microtime( true );
+ $badPhpUnit = dirname( __DIR__ ) . '/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php';
+ if ( file_exists( $badPhpUnit ) ) {
+ // @codingStandardsIgnoreStart Generic.Files.LineLength.TooLong
+ // Bad versions of the file are:
+ // https://raw.githubusercontent.com/sebastianbergmann/phpunit/c820f915bfae34e5a836f94967a2a5ea5ef34f21/src/Util/PHP/eval-stdin.php
+ // https://raw.githubusercontent.com/sebastianbergmann/phpunit/3aaddb1c5bd9b9b8d070b4cf120e71c36fd08412/src/Util/PHP/eval-stdin.php
+ // @codingStandardsIgnoreEnd
+ $md5 = md5_file( $badPhpUnit );
+ if ( $md5 === '120ac49800671dc383b6f3709c25c099'
+ || $md5 === '28af792cb38fc9a1b236b91c1aad2876'
+ ) {
+ $success = unlink( $badPhpUnit );
+ if ( $success ) {
+ $this->output( "Removed PHPUnit eval-stdin.php to protect against CVE-2017-9841\n" );
+ } else {
+ $this->error( "Unable to remove $badPhpUnit, you should manually. See CVE-2017-9841" );
+ }
+ }
+ }
+
$shared = $this->hasOption( 'doshared' );
$updates = [ 'core', 'extensions' ];