lhc/web/wiklou.git
jenkins-bot [Wed, 12 Apr 2017 11:45:18 +0000 (11:45 +0000)]
Merge "Remove some ancient upgrade information from release notes"

jenkins-bot [Wed, 12 Apr 2017 06:58:13 +0000 (06:58 +0000)]
Merge "Preload the logo using link rel="preload" http header"

jenkins-bot [Wed, 12 Apr 2017 05:56:47 +0000 (05:56 +0000)]
Merge "Prevent PHPDBG from issuing notices in unit tests"

Timo Tijhof [Tue, 11 Apr 2017 00:57:16 +0000 (17:57 -0700)]
phpunit: Avoid use of wmf-production host names

* Remove use of 'eqiad' and 'wmnet' in unit tests.

Change-Id: I5bf19b63876e4dc8deaca8cd9907dca0bfa15455

Gilles Dubuc [Mon, 1 Jun 2015 16:58:42 +0000 (18:58 +0200)]
Preload the logo using link rel="preload" http header

This greatly increases the priority of loading
the logo on browsers that support rel="preload".

Bug: T100999
Change-Id: I0738fcc0a575153dab65016fa87faaa9b8b97a9d

jenkins-bot [Wed, 12 Apr 2017 01:29:58 +0000 (01:29 +0000)]
Merge "Remove "editusercssjs" user right"

jenkins-bot [Wed, 12 Apr 2017 00:08:25 +0000 (00:08 +0000)]
Merge "RCFilters UI: Adjust styles to OOUI's newest release"

Moriel Schottlender [Tue, 11 Apr 2017 01:09:58 +0000 (18:09 -0700)]
RCFilters UI: Adjust styles to OOUI's newest release

Slight modifications for OOUI 0.21.0

Change-Id: I8b1db97fd7d52a57a7e3bdd13cc7dc4e364b8976

Volker E [Tue, 11 Apr 2017 23:41:59 +0000 (16:41 -0700)]
Update OOjs UI to v0.21.0

Release notes:
 https://phabricator.wikimedia.org/diffusion/GOJU/browse/master/History.md;v0.21.0

Change-Id: I94d5b7a89551e7d34d53223872ad3005f0ac4a04

jenkins-bot [Tue, 11 Apr 2017 23:13:33 +0000 (23:13 +0000)]
Merge "objectcache: Complete coverage for newAnything()"

jenkins-bot [Tue, 11 Apr 2017 23:00:36 +0000 (23:00 +0000)]
Merge "wikibits: Remove methods deprecated since 1.17 and 1.18"

jenkins-bot [Tue, 11 Apr 2017 22:48:27 +0000 (22:48 +0000)]
Merge "interwiki: Remove inappropriate use of wfMemcKey()"

Timo Tijhof [Tue, 11 Apr 2017 02:34:38 +0000 (19:34 -0700)]
interwiki: Remove inappropriate use of wfMemcKey()

This is used for lookup in a CDB file or PHP static array.
In neither case is the key created by wfMemcKey() or any other
implementation of BagOStuff::makeKey().

This is already broken if:
* An interwiki prefix were to contain characters not supported by
  Memcached.
* An interwiki prefix and wikiid together are too long for Memcached.
* If the site has wgCachePrefix configured, which overrides the
  wfWikiID() namespace makeKey() normally uses.

dumpInterwiki.php does not use wfMemcKey() either (and should not).

This was simply here as leftover from many rewrites ago, its
only purpose is to create wikiid + prefix joined by colon.

Ref T148958.

Change-Id: I45682133ed593fbb0d66af5a67751f77f15a4a14

jenkins-bot [Tue, 11 Apr 2017 22:25:33 +0000 (22:25 +0000)]
Merge "resourceloader: Add unit tests for ResourceLoaderImage"

Bartosz Dziewoński [Mon, 20 Mar 2017 19:34:21 +0000 (20:34 +0100)]
resourceloader: Add unit tests for ResourceLoaderImage

Follows-up I5b14d65a and I5a563c59.

Change-Id: Id42e1b868c9fe97cdb14b4bc7328947820a7fd94

Translation updater bot [Tue, 11 Apr 2017 20:18:15 +0000 (22:18 +0200)]
Localisation updates from https://translatewiki.net.

Change-Id: I9d8d4197b88a4ded273ec2ed874b0965d9df1bb8

Translation updater bot [Tue, 11 Apr 2017 20:11:37 +0000 (22:11 +0200)]
Localisation updates from https://translatewiki.net.

Change-Id: Ib863e1b841bed4ddf5bed7adb27d49cfa4b82ce3

Timo Tijhof [Sun, 10 Apr 2016 02:10:42 +0000 (03:10 +0100)]
wikibits: Remove methods deprecated since 1.17 and 1.18

Keeping only importScript and friends and addOnloadHook for now.

Inline wikiUrlencode logic so that the dependency on mediawiki.util can be
removed, which caused significant performance overhead (See I54f087655e1c).

Follows-up:
68fae478a8 (1.22; deprecation warnings for ua vars)
ec69391a4f (1.22; deprecation warnings for jsMsg)
fcf4934a52 (1.23; deprecation warnings for the rest)

The following have been deprecated since either 1.17 or 1.18. Deprecation
warnings were added in 1.22. Most of these variables have also been replaced
with dummy placeholders in 1.22 so that calling code is silently disabled
instead of causing cascading failures into other code. Anything still using
these variables to date has been broken since at least April 2013.

* User-Agent variables:
  is_gecko, is_chrome_mac, is_chrome, webkit_version, is_safari_win, is_safari,
  webkit_match, is_ff2, ff2_bugs, is_ff2_win, is_ff2_x11, opera95_bugs,
  opera7_bugs, opera6_bugs, is_opera_95, is_opera_preseven, is_opera, ie6_bugs.
  (deprecated since 1.17; warnings and hardcoded to false since 1.22)
  clientPC
  (deprecated since 1.17; warnings added in 1.22)

* DOM manipulation:
  changeText, killEvt, addHandler, hookEvent, addClickHandler, removeHandler,
  getElementsByClassName, getInnerText.
  (deprecated since 1.17; replaced with no-op warning dummies in 1.22)

* Checkbox utilities:
  setupCheckboxShiftClick, addCheckboxClickHandlers.
  (deprecated since 1.17; replaced with no-op warning dummies in 1.22)

* Classic toolbar utilities:
  mwEditButtons, mwCustomEditButtons
  (deprecated since 1.17; replaced with no-op warning dummies in 1.22)

* Misc utilities:
  - injectSpinner, removeSpinner, escapeQuotes, escapeQuotesHTML, jsMsg
    (deprecated since 1.17; replaced with no-op warning dummies in 1.22)
  - addPortletLink, appendCSS, tooltipAccessKeyPrefix,
    tooltipAccessKeyRegexp, updateTooltipAccessKeys
    (deprecated since 1.17; warnings added in 1.22)

Bug: T122755
Change-Id: I7f9f61ea81ad1efa0b5cff79b5e5f4bbe2d401fe

Kaldari [Tue, 11 Apr 2017 18:30:09 +0000 (11:30 -0700)]
Correcting qqq message about Special:AutoblockList submit button

Change-Id: I6d9c1f4cb223c12ee986848308aa1060499eac48

jenkins-bot [Tue, 11 Apr 2017 18:05:36 +0000 (18:05 +0000)]
Merge "First version of AutoblockList special page"

mainframe98 [Mon, 6 Mar 2017 20:09:36 +0000 (21:09 +0100)]
First version of AutoblockList special page

This patch introduces a new special page named AutoblockList.
Its design is reused from Special:BlockList.

Bug: T146414
Change-Id: I811d23c98be749d8df36700b07a295355691af77

jenkins-bot [Tue, 11 Apr 2017 14:07:11 +0000 (14:07 +0000)]
Merge "API: Optionally include in job queue size in maxlag"

zppix1 [Thu, 19 Jan 2017 02:37:17 +0000 (20:37 -0600)]
Remove "editusercssjs" user right

Deprecated since MediaWiki 1.16

Change-Id: Ic9851d53affe0f4ece7a79f541ec5cb39133b109

jenkins-bot [Tue, 11 Apr 2017 04:23:44 +0000 (04:23 +0000)]
Merge "chmod -x SpecialNewpages.php"

Kunal Mehta [Mon, 10 Apr 2017 06:54:01 +0000 (23:54 -0700)]
API: Optionally include in job queue size in maxlag

maxlag is the default mechanism most bots and libraries use in
determining when to back off due to wiki overload. However these days,
there are other things that should be considered when asking bots to
back off, one of those is job queue size.

For compatibility and simplicity of use, the number of jobs is converted
into something resembling seconds using a configurable factor. We also
output the total number of jobs in the API error output so more
sophisticated clients can do a more advanced back off.

Bug: T160003
Change-Id: Iedae2344a3d93202efbdd1bf807cef6165b6257a

Kunal Mehta [Mon, 10 Apr 2017 22:07:49 +0000 (15:07 -0700)]
chmod -x SpecialNewpages.php

This is not an executable script.

Change-Id: I1daa0eff24f5a7b65c2df75f44c0e28d0795d9f6

Timo Tijhof [Mon, 10 Apr 2017 21:41:12 +0000 (14:41 -0700)]
objectcache: Complete coverage for newAnything()

* Fix typo that disabled testNewAnythingNoAccel().
  Follows-up c5a0fa5bed, accidentally committed a local hack
  to disable the test.

* Add missing case of other types falling back and no DB.
* Add missing case of no other types and no DB.

Change-Id: If158f21053f0b3741f2625fe4455fdb31955a22f

Arlo Breault [Mon, 10 Apr 2017 21:13:56 +0000 (17:13 -0400)]
Sync up with Parsoid parserTests.txt

This now aligns with Parsoid commit 906375badbbf3d10455f36d9ecbaa8f66f5e6425

Change-Id: I1a102a4b6988eb972215eb7210a44cdf19d04c47

Translation updater bot [Mon, 10 Apr 2017 20:15:15 +0000 (22:15 +0200)]
Localisation updates from https://translatewiki.net.

Change-Id: I6f8349c3dae6b75a0936e630d7339b94b0811ddb

jenkins-bot [Mon, 10 Apr 2017 18:59:12 +0000 (18:59 +0000)]
Merge "MediaSearchWidget: Listen to "change" event to reposition"

Moriel Schottlender [Wed, 5 Apr 2017 21:55:15 +0000 (14:55 -0700)]
MediaSearchWidget: Listen to "change" event to reposition

The "add" event is emitted too early (by the OO.EmitterList, before
the items are attached to the DOM) so instead we have to go by the
GroupElement event api itself -- which uses "change" event to all
item changes.

Listening to item change means that we are certain the items are
already attached to the DOM before we manipulate and read their
positioning, etc.

Bug: T162202
Change-Id: I3ef9d9451562c725e12a66b80048fc3836280d9f

jenkins-bot [Mon, 10 Apr 2017 18:50:19 +0000 (18:50 +0000)]
Merge "Add ?safemode=1 to disable user JS/CSS"

jenkins-bot [Mon, 10 Apr 2017 18:46:29 +0000 (18:46 +0000)]
Merge "RC Filters: correctly read default value for 'string_options' filters"

Ed Sanders [Wed, 6 Jul 2016 21:05:24 +0000 (22:05 +0100)]
Use classes instead of IDs for TOC collapsing

One may want to have multiple TOCs on the page (e.g. in VisualEditor).

Change-Id: I19701c4037b653b2944e407752e50f444861f883

jenkins-bot [Mon, 10 Apr 2017 16:14:50 +0000 (16:14 +0000)]
Merge "Fixes to mw.notifications"

jenkins-bot [Mon, 10 Apr 2017 15:53:15 +0000 (15:53 +0000)]
Merge "stylelint: Remove no-unsupported-browser-features exceptions"

jenkins-bot [Mon, 10 Apr 2017 15:50:40 +0000 (15:50 +0000)]
Merge "EditPage: Fix typo in comment"

Ed Sanders [Mon, 10 Apr 2017 15:13:20 +0000 (16:13 +0100)]
Fixes to mw.notifications

* Fix cutting of drop shadows
* Use null as default empty value

Change-Id: I09b77161c3a2cc0ef586c08c7287a73bd1dd2066

jenkins-bot [Mon, 10 Apr 2017 15:06:47 +0000 (15:06 +0000)]
Merge "Add UserGroupMembership details to the UserGroupsChanged hook"

Seb35 [Mon, 10 Apr 2017 11:32:15 +0000 (13:32 +0200)]
Prevent PHPDBG from issuing notices in unit tests

Although issuing PHP notices in unit tests is only a nice-to-have, the cause
is that PHPDBG has no special treatment in JobQueueGroup, contrary to the
PHP SAPI 'cli', and it may be desirable that both 'command line SAPIs' have
the same behaviour.

This is the most apparent difference between cli and phpdbg but there could
be a dozen other occurrences (see bug), potentially creating differences
in unit tests depending on the SAPI.

Bug: T162591
Change-Id: Idf9c14db72f1f768c5a17b49ed689a05922c57d3

Aaron Schulz [Tue, 21 Mar 2017 18:47:52 +0000 (11:47 -0700)]
Add EtcdConfig class

Bug: T156924
Change-Id: I60914d31c21484bfb935fe3d8c3168b51a2d5d1b

Translation updater bot [Sun, 9 Apr 2017 19:52:36 +0000 (21:52 +0200)]
Localisation updates from https://translatewiki.net.

Change-Id: I742a743e37c056c2bc04d09a1ce86d05aa65ae1d

Ed Sanders [Sun, 9 Apr 2017 17:04:06 +0000 (18:04 +0100)]
stylelint: Remove no-unsupported-browser-features exceptions

We no longer use this rule.

Change-Id: I97063c786952364620a7380936da14ebeb1aa1d9

Ed Sanders [Sun, 9 Apr 2017 17:03:32 +0000 (18:03 +0100)]
EditPage: Fix typo in comment

Change-Id: I084933a733c704188217c1d306454d2fed08b59b

Translation updater bot [Sat, 8 Apr 2017 20:36:24 +0000 (22:36 +0200)]
Localisation updates from https://translatewiki.net.

Change-Id: I325563cad264df780d346f76427a324f7b58160d

jenkins-bot [Sat, 8 Apr 2017 09:36:21 +0000 (09:36 +0000)]
Merge "ApiPageSet: Follow RedirectSpecialArticle redirects"

jenkins-bot [Sat, 8 Apr 2017 09:33:14 +0000 (09:33 +0000)]
Merge "Add .rej files to .gitignore"

jenkins-bot [Sat, 8 Apr 2017 09:20:25 +0000 (09:20 +0000)]
Merge "Update HISTORY for 1.28.1/1.27.2/1.23.16"

This, that and the other [Sat, 8 Apr 2017 07:32:53 +0000 (17:32 +1000)]
Add UserGroupMembership details to the UserGroupsChanged hook

For Echo.

Bug: T159301
Change-Id: I5d32445f8e5b41599889b8488a2431e7a908f858

umherirrender [Sat, 29 Oct 2016 14:33:13 +0000 (16:33 +0200)]
Move count of revisions/files out of undelete log comment

The log comment on undelete contains a hint about the count of restored
files and/or revisions.
Move this text out of the comment to allow longer comments. Also makes
this information readable inside the api.

This is only for new log entries. Old entries will still show the hint
from the comment and no data in the api.

Change-Id: I9e30eb1271656bb81259a408210e9a282e949c57

jenkins-bot [Sat, 8 Apr 2017 02:26:47 +0000 (02:26 +0000)]
Merge "Use IDatabase type hints in /maintenance"

jenkins-bot [Sat, 8 Apr 2017 00:00:46 +0000 (00:00 +0000)]
Merge "objectcache: Complete code coverage for CachedBagOStuff"

jenkins-bot [Fri, 7 Apr 2017 23:51:28 +0000 (23:51 +0000)]
Merge "objectcache: Fix CachedBagOStuff to use backend makeKey()"

jenkins-bot [Fri, 7 Apr 2017 23:48:10 +0000 (23:48 +0000)]
Merge "Database: clean up lockTables() and add postgres support"

Aaron Schulz [Thu, 30 Mar 2017 20:46:06 +0000 (13:46 -0700)]
Use IDatabase type hints in /maintenance

Relatedly, move lockTables()/unlockTables() to IMaintainableDatabase

Change-Id: Ib53e9fa948deb2f9a70f0ce16c002613d0060bf9

Timo Tijhof [Fri, 7 Apr 2017 23:30:33 +0000 (16:30 -0700)]
objectcache: Complete code coverage for CachedBagOStuff

Change-Id: I8a228d68701f1ad4d37f60de53d105c32898dc8b

Timo Tijhof [Fri, 7 Apr 2017 23:11:40 +0000 (16:11 -0700)]
objectcache: Fix CachedBagOStuff to use backend makeKey()

Follows-up 25dbd91513f1e5.

Change-Id: Ib727c57cb27f05c0462bfdfee89a185ef6603ddd

Aaron Schulz [Thu, 30 Mar 2017 21:56:22 +0000 (14:56 -0700)]
Database: clean up lockTables() and add postgres support

A new method is now available to check whether session scope
locks are supported, which callers typically want when using lock().
Its usage can avoid deadlock prone and expensive row-level locks for
some maintenance tasks.

For Postgres, table locks are tied to the transaction. Trigger
startAtomic() in lockTables() and endAtomic() in unlockTables() to
assure that a transaction is present.

Also remove LOW_PRIORITY feature, which is ignored by mysql.

Change-Id: I499061bcc2763afb1ff4a43319064eed4ba3a8fe

Translation updater bot [Fri, 7 Apr 2017 20:04:40 +0000 (22:04 +0200)]
Localisation updates from https://translatewiki.net.

Change-Id: I4ccefb84808700373dfb0a694991a5c47fe9a48b

Moriel Schottlender [Fri, 7 Apr 2017 18:15:17 +0000 (11:15 -0700)]
RCFilters UI: Check that filter exists before changing its state

Bug: T162417
Change-Id: I53bdd8106f5072f70f2618f2b6e6c9da37675fc9

Reedy [Fri, 7 Apr 2017 09:52:29 +0000 (10:52 +0100)]
Update HISTORY for 1.28.1/1.27.2/1.23.16

Bug: T162170
Change-Id: Ic9d0eb183c56caa2955509f1e74cec1f101b89e1

jenkins-bot [Thu, 6 Apr 2017 23:30:01 +0000 (23:30 +0000)]
Merge "phpunit: Avoid use of deprecated getMock for PHPUnit 5 compat"

Reedy [Thu, 6 Apr 2017 22:23:03 +0000 (23:23 +0100)]
Add .rej files to .gitignore

Change-Id: Ie4f470f5f0528308871b78c7c823851b0a45e8eb

jenkins-bot [Thu, 6 Apr 2017 21:46:48 +0000 (21:46 +0000)]
Merge "SECURITY: Do not allow users to undelete a page they can't edit or create"

L10n-bot [Thu, 6 Apr 2017 21:44:25 +0000 (21:44 +0000)]
Merge "Revert "Localisation updates from https://translatewiki.net.""

Raimond Spekking [Thu, 6 Apr 2017 21:44:02 +0000 (21:44 +0000)]
Revert "Localisation updates from https://translatewiki.net."

Overwrites changes

This reverts commit ead4315a667fc4c22790681e24d09972ab37123e.

Change-Id: Iee963af531c40495d65e6414b3bb3f5cf860dd85

jenkins-bot [Thu, 6 Apr 2017 21:28:45 +0000 (21:28 +0000)]
Merge "SECURITY: Always normalize link url before adding to ParserOutput"

jenkins-bot [Thu, 6 Apr 2017 21:28:41 +0000 (21:28 +0000)]
Merge "SECURITY: Don't write LocalisationCache to temporary directory"

jenkins-bot [Thu, 6 Apr 2017 21:28:37 +0000 (21:28 +0000)]
Merge "SECURITY: Whitelist DTD declaration in SVG"

jenkins-bot [Thu, 6 Apr 2017 21:28:34 +0000 (21:28 +0000)]
Merge "SECURITY: Escape wikitext content model/format in message"

jenkins-bot [Thu, 6 Apr 2017 21:10:22 +0000 (21:10 +0000)]
Merge "SECURITY: SpecialWatchlist: Check CSRF token when using "Mark all pages visited""

L10n-bot [Thu, 6 Apr 2017 21:09:40 +0000 (21:09 +0000)]
Merge "Localisation updates from https://translatewiki.net."

Translation updater bot [Thu, 6 Apr 2017 21:09:29 +0000 (23:09 +0200)]
Localisation updates from https://translatewiki.net.

Change-Id: Ia470eb8a4c72ef0ae0031271cbd4384c5703176f

Brian Wolff [Mon, 13 Jun 2016 07:07:48 +0000 (03:07 -0400)]
SECURITY: Do not allow users to undelete a page they can't edit or create

If the page exists, it only checks edit rights, otherwise it
checks both edit and create rights.

This would only matter on wikis that have a non-default rights
configuration where there are users with undelete rights but a
restriction level enabled that prevents them from creating/editing
pages (or they otherwise aren't allowed to edit/create)

It should be noted that the error messages aren't used in the
normal UI currently, but they could be in the future, and
extensions could potentially be using them (The backend functions
return them, but the UI functions in Special:Undelete ignore
them)

Bug: T108138
Change-Id: I164b80534cf89e0afca264e9de07431484af8508

Brian Wolff [Fri, 11 Mar 2016 01:08:06 +0000 (20:08 -0500)]
SECURITY: Always normalize link url before adding to ParserOutput

Move link normalization directly into addExternalLink() method,
since you always need to do it - having it separate is just
inviting people to forget to normalize a link.

Additionally, links weren't properly registered for <gallery>.
This was somewhat unnoticed, as the call to recursiveTagParse()
would register free links, but it wouldn't work for example with
protocol relative links.

Issue originally reported by MZMcBride.

Bug: T48143
Change-Id: I557fb3b433ef9d618097b6ba4eacc6bada250ca2

Reedy [Tue, 28 Mar 2017 20:47:08 +0000 (21:47 +0100)]
SECURITY: Don't write LocalisationCache to temporary directory

Bug: T161453
Change-Id: I51b375c63fcece908da921c465c861968c9eee1c

Brian Wolff [Mon, 28 Nov 2016 23:34:24 +0000 (23:34 +0000)]
SECURITY: Whitelist DTD declaration in SVG

Only allow ENTITY declarations inside the doctype internal
subset. Do not allow parameter entities, recursive entity
references or entity values longer than 255 bytes, or
external entity references. Filter external doctype subset
to only allow the standard svg doctypes.

Recursive entities that are simple aliases are allowed
because people appear to use them on commons. Declaring
xmlns:xlink to have a #FIXED value to the xlink namespace
is allowed because GraphViz apparently does that so its
somewhat common.

This prevents someone bypassing filter by using default
attribute values in internal dtd subset. No browser loads
the external dtd subset that I could find, but whitelist
just to be safe anyways.

Issue reported by Cassiogomes11.

Bug: T151735
Change-Id: I7cb4690f759ad97e70e06e560978b6207d84c446

Brian Wolff [Mon, 13 Mar 2017 21:20:02 +0000 (21:20 +0000)]
SECURITY: Escape wikitext content model/format in message

Escape wikitext in model= and format= url parameter to
edit page. This goes along with 1c788944 to help prevent
XSS for wikis with $wgRawHtml = true; set.

Bug: T156184
Change-Id: Ifcaa2ccf05a2a691d0b150e2f7e0e765db25fc7f

Bartosz Dziewoński [Mon, 7 Nov 2016 19:10:21 +0000 (20:10 +0100)]
SECURITY: SpecialWatchlist: Check CSRF token when using "Mark all pages visited"

Bug: T150044
Change-Id: I7f75cab4ceb4a2c320af210fad15956b70c29661

Brad Jorsch [Thu, 18 Aug 2016 17:37:05 +0000 (13:37 -0400)]
SECURITY: API: Don't log "sensitive" parameters

Stuff like passwords and CSRF tokens shouldn't be in the logs.

The fact of being sensitive is intentionally separated from the need to
be in the POST body because, for example, the wltoken parameter to
ApiQueryWatchlist needs to be in the query string to serve its purpose
but still shouldn't be logged.

Bug: T125177
Change-Id: I1d61f4dcf792d77401ee2e2988b1afcb2a2ad58f

Brian Wolff [Mon, 26 Sep 2016 10:40:30 +0000 (10:40 +0000)]
SECURITY: XSS in search if $wgAdvancedSearchHighlighting = true;

In the non-default configuration where $wgAdvancedSearchHighlighting
is set to true, there is an XSS vulnerability as HTML tags are
not properly escaped if the tag spans multiple search results

Issue introduced in abf726ea0 (MediaWiki 1.13 and above).

Bug: T144845
Change-Id: I2db7888d591b97f1a01bfd3b7567ce6f169874d3

Brian Wolff [Sun, 7 Feb 2016 13:07:20 +0000 (08:07 -0500)]
SECURITY: Do not directly redirect to interwikis, but use splash page

Directly redirecting based on a url parameter might potentially
be used in a phishing attack to confuse users.

Bug: T109140
Bug: T122209
Change-Id: I6c604439320fa876719933cc7f3a3ff04fb1a6ad

jenkins-bot [Thu, 6 Apr 2017 20:03:18 +0000 (20:03 +0000)]
Merge "Avoid duplicate key generation code in MessageCache"

jenkins-bot [Thu, 6 Apr 2017 17:35:00 +0000 (17:35 +0000)]
Merge "RecentChanges: Allow resetting date selection"

Moriel Schottlender [Wed, 5 Apr 2017 23:05:51 +0000 (16:05 -0700)]
RecentChanges: Allow resetting date selection

Add a link that resets the date selection if it is selected.

Bug: T160028
Change-Id: I4ecff943025635f42eb70fc70c6dfdf34c314707

jenkins-bot [Thu, 6 Apr 2017 13:08:31 +0000 (13:08 +0000)]
Merge "RCFilters: React to popup 'ready' event"

Aaron Schulz [Thu, 6 Apr 2017 06:16:16 +0000 (23:16 -0700)]
Avoid duplicate key generation code in MessageCache

Also explain the use of !NONEXISTANT in the comments a bit more.

Change-Id: Ib087df9bf31023e7acaf2116e74b2dfeda10c9d2

jenkins-bot [Thu, 6 Apr 2017 03:17:42 +0000 (03:17 +0000)]
Merge "Add ar_ prefix back to usertext_timestamp USE INDEX"

jenkins-bot [Thu, 6 Apr 2017 01:44:41 +0000 (01:44 +0000)]
Merge "resourceloader: Improve code coverage"

jenkins-bot [Thu, 6 Apr 2017 01:30:44 +0000 (01:30 +0000)]
Merge "Reduce contention during view-based category count refreshes"

Timo Tijhof [Thu, 6 Apr 2017 01:19:48 +0000 (18:19 -0700)]
resourceloader: Improve code coverage

* Missing cases for StartupModule::getModuleRegistrations
  (now 100% covered)
  - Raw modules are omitted from the manifest.
    E.g. The base modules ('jquery', 'mediawiki') are raw modules
    that we don't register client side (they can't load themselves).
  - Exceptions from getVersionHash() are caught.
  - Oversized versions are re-hashed.

* Missing cases for ResourceLoader::makeLoaderRegisterScript.
  (now 100% covered)

* Missing cases for ResourceLoader::getModule.
  (now 100% covered)

Change-Id: If9717a48195fc6ae776da5d0e86f323d7f60426d

Timo Tijhof [Wed, 5 Apr 2017 23:39:50 +0000 (16:39 -0700)]
phpunit: Avoid use of deprecated getMock for PHPUnit 5 compat

The default will remain PHPUnit 4.x due to PHP 5.5 support.

But, we should allow developers to run tests with newer PHPUnit
versions which are noticeably faster (especially for code coverage
reports).

* <https://github.com/sebastianbergmann/phpunit/wiki/Release-Announcement-for-PHPUnit-5.4.0>
  PHPUnit 5 deprecates the getMock() shortcut for getMockBuilder()->getMock().
  It instead introduces the shortcut createMock() which has better defaults
  than getMockBuilder(). For example, it sets 'disableArgumentCloning' and
  other things by default.

  Going forward, code should either use getMockBuilder directly and configure
  it using the setter methods (instead of the confusing variadic arguments
  of getMock) or simply use the new minimalistic createMock method. This patch
  backports the createMock method to MediaWikiTestCase so that we can start
  using it.

Change-Id: I091c0289b21d2b1c876adba89529dc3e72b99af2

Aaron Schulz [Thu, 6 Apr 2017 00:25:45 +0000 (17:25 -0700)]
Reduce contention during view-based category count refreshes

Bug: T162121
Change-Id: I05b539922508d5e73979ccc8ea1c148b16dd13db

jenkins-bot [Wed, 5 Apr 2017 23:56:23 +0000 (23:56 +0000)]
Merge "phpunit: Remove unused assertEmpty() fallback for PHPUnit 3 compat"

Reedy [Thu, 30 Mar 2017 12:30:07 +0000 (13:30 +0100)]
Add ar_ prefix back to usertext_timestamp USE INDEX

This is the correct/canonical index name. For usages on mysql it will
map to the unprefixed version.

Bug: T154872
Change-Id: Ie2daf7b33428855ac59c85bf04a99a9bca7feba1

jenkins-bot [Wed, 5 Apr 2017 23:31:47 +0000 (23:31 +0000)]
Merge "RCFilters UI: Use pixel instead of em for distancing the highlight dots"

Timo Tijhof [Wed, 5 Apr 2017 23:17:43 +0000 (16:17 -0700)]
phpunit: Remove unused assertEmpty() fallback for PHPUnit 3 compat

We always run with PHPUnit 4. We're also forward-compatible with
PHPUnit 5 (albeit with deprecation notices).

PHPUnit 3 is no longer supported.

Keep __call() to make it easy to re-introduce back-compat or
future-compat logic in the future (like the next patch does).

Change-Id: I4f836db12d43fb22c4c38c0e1401675d751d7841

Moriel Schottlender [Wed, 5 Apr 2017 22:37:45 +0000 (15:37 -0700)]
RCFilters UI: Use pixel instead of em for distancing the highlight dots

Also, make the circles slightly bigger; the 5px value made the circles
look slightly squarish, so we increase the radius by 1 pixel to 6px.

Bug: T161258
Change-Id: I483dc698ba15380990ded097caec24b408fba43a

jenkins-bot [Wed, 5 Apr 2017 22:39:45 +0000 (22:39 +0000)]
Merge "Fix incorrect index name in new 1.28.0 installations"

Tim Starling [Mon, 3 Apr 2017 03:00:30 +0000 (13:00 +1000)]
Fix incorrect index name in new 1.28.0 installations

This index name should be the same in new installations as in all other
MySQL installations. This is necessary so that
Special:DeletedContributions does not give an SQL error. Release notes
will go in the 1.28 branch.

Bug: T154872
Change-Id: I535a5513ab56203139c4cf64874ea7e7498990e3