Page MenuHomePhabricator
Create Task
Maniphest T187497

Set phan-taint-check plugin version in extensions themselves instead of hardcoding it in CI
Closed, ResolvedPublic
Actions

Description

To make upgrading/releasing new versions of the phan-taint-check plugin sane, we need to move the version number into extensions themselves, so we can do per-repository upgrades. However, we can't use the normal require-dev method, since the plugin depends upon exactly PHP 7.0.x, so it would prevent installation on any newer or older version.

Instead, I propose/plan on using composer.json's extra field:

"extra": {
    "phan-taint-check-plugin": "1.1.0",
},

And CI will read from that to determine which version of the plugin to install.

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/SpamBlacklistmaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/WikiEditormaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/TitleBlacklistmaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/PdfHandlermaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/SyntaxHighlight_GeSHimaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/Poemmaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/ParserFunctionsmaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/ConfirmEditmaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/Citemaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/LocalisationUpdatemaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/CiteThisPagemaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/Nukemaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/ImageMapmaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/Gadgetsmaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/Interwikimaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/InputBoxmaster+3 -0
Set phan-taint-check-plugin version in composer.jsonmediawiki/extensions/Renameusermaster+3 -0
Read phan-taint-check-plugin version out of composer.jsonintegration/configmaster+44 -1
Show related patches Customize query in gerrit

Related Objects
Search...

Event Timeline

Legoktm created this task.Feb 15 2018, 8:29 PM
Restricted Application removed a project: Patch-For-Review. · View Herald TranscriptFeb 15 2018, 8:29 PM
Restricted Application added a subscriber: Aklapper. · View Herald Transcript
gerritbot subscribed.Feb 16 2018, 8:19 AM

Change 411186 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[integration/config@master] Read phan-taint-check-plugin version out of composer.json

https://gerrit.wikimedia.org/r/411186

gerritbot added a project: Patch-For-Review.Feb 16 2018, 8:19 AM
Umherirrender subscribed.Feb 16 2018, 5:01 PM

See also T174339 for the same issue with phan itself

gerritbot added a comment.Feb 16 2018, 9:25 PM

Change 411186 merged by jenkins-bot:
[integration/config@master] Read phan-taint-check-plugin version out of composer.json

https://gerrit.wikimedia.org/r/411186

gerritbot added a comment.Feb 16 2018, 9:32 PM

Change 411465 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/Renameuser@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411465

gerritbot added a comment.Feb 16 2018, 9:40 PM

Change 411467 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/Cite@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411467

gerritbot added a comment.Feb 16 2018, 9:40 PM

Change 411468 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/CiteThisPage@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411468

gerritbot added a comment.Feb 16 2018, 9:40 PM

Change 411469 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/ConfirmEdit@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411469

gerritbot added a comment.Feb 16 2018, 9:40 PM

Change 411470 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/Gadgets@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411470

gerritbot added a comment.Feb 16 2018, 9:40 PM

Change 411471 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/ImageMap@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411471

gerritbot added a comment.Feb 16 2018, 9:41 PM

Change 411472 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/InputBox@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411472

gerritbot added a comment.Feb 16 2018, 9:41 PM

Change 411473 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/Interwiki@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411473

gerritbot added a comment.Feb 16 2018, 9:41 PM

Change 411474 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/LocalisationUpdate@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411474

gerritbot added a comment.Feb 16 2018, 9:43 PM

Change 411475 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/Nuke@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411475

gerritbot added a comment.Feb 16 2018, 9:43 PM

Change 411476 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/ParserFunctions@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411476

gerritbot added a comment.Feb 16 2018, 9:44 PM

Change 411477 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/PdfHandler@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411477

gerritbot added a comment.Feb 16 2018, 9:44 PM

Change 411478 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/Poem@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411478

gerritbot added a comment.Feb 16 2018, 9:44 PM

Change 411479 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/SpamBlacklist@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411479

gerritbot added a comment.Feb 16 2018, 9:44 PM

Change 411480 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/SyntaxHighlight_GeSHi@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411480

gerritbot added a comment.Feb 16 2018, 9:44 PM

Change 411481 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/TitleBlacklist@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411481

gerritbot added a comment.Feb 16 2018, 9:44 PM

Change 411482 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[mediawiki/extensions/WikiEditor@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411482

gerritbot added a comment.Feb 16 2018, 9:49 PM

Change 411465 merged by jenkins-bot:
[mediawiki/extensions/Renameuser@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411465

ReleaseTaggerBot added a project: MW-1.31-release-notes (WMF-deploy-2018-02-20 (1.31.0-wmf.22)).Feb 16 2018, 10:00 PM
gerritbot added a comment.Feb 16 2018, 10:01 PM

Change 411482 merged by jenkins-bot:
[mediawiki/extensions/WikiEditor@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411482

gerritbot added a comment.Feb 16 2018, 10:01 PM

Change 411481 merged by jenkins-bot:
[mediawiki/extensions/TitleBlacklist@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411481

gerritbot added a comment.Feb 16 2018, 10:01 PM

Change 411479 merged by jenkins-bot:
[mediawiki/extensions/SpamBlacklist@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411479

gerritbot added a comment.Feb 16 2018, 10:02 PM

Change 411476 merged by jenkins-bot:
[mediawiki/extensions/ParserFunctions@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411476

gerritbot added a comment.Feb 16 2018, 10:02 PM

Change 411472 merged by jenkins-bot:
[mediawiki/extensions/InputBox@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411472

gerritbot added a comment.Feb 16 2018, 10:02 PM

Change 411470 merged by jenkins-bot:
[mediawiki/extensions/Gadgets@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411470

gerritbot added a comment.Feb 16 2018, 10:02 PM

Change 411473 merged by jenkins-bot:
[mediawiki/extensions/Interwiki@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411473

gerritbot added a comment.Feb 16 2018, 10:04 PM

Change 411480 merged by jenkins-bot:
[mediawiki/extensions/SyntaxHighlight_GeSHi@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411480

gerritbot added a comment.Feb 16 2018, 10:04 PM

Change 411471 merged by jenkins-bot:
[mediawiki/extensions/ImageMap@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411471

gerritbot added a comment.Feb 16 2018, 10:04 PM

Change 411478 merged by jenkins-bot:
[mediawiki/extensions/Poem@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411478

gerritbot added a comment.Feb 16 2018, 10:10 PM

Change 411477 merged by jenkins-bot:
[mediawiki/extensions/PdfHandler@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411477

gerritbot added a comment.Feb 16 2018, 10:10 PM

Change 411475 merged by jenkins-bot:
[mediawiki/extensions/Nuke@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411475

gerritbot added a comment.Feb 16 2018, 10:10 PM

Change 411468 merged by jenkins-bot:
[mediawiki/extensions/CiteThisPage@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411468

gerritbot added a comment.Feb 16 2018, 10:10 PM

Change 411474 merged by jenkins-bot:
[mediawiki/extensions/LocalisationUpdate@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411474

gerritbot added a comment.Feb 16 2018, 10:18 PM

Change 411469 merged by jenkins-bot:
[mediawiki/extensions/ConfirmEdit@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411469

gerritbot added a comment.Feb 16 2018, 10:18 PM

Change 411467 merged by jenkins-bot:
[mediawiki/extensions/Cite@master] Set phan-taint-check-plugin version in composer.json

https://gerrit.wikimedia.org/r/411467

Legoktm closed this task as Resolved.Feb 16 2018, 10:21 PM
cicalese moved this task from Ready to Done on the MediaWiki-Platform-Team-Archived (MWPT-Q3-Jan-Mar-2018) board.Feb 20 2018, 12:57 AM
sbassett moved this task from Incoming to Our Part Is Done on the Security-Team board.Jun 11 2019, 6:31 PM
sbassett moved this task from Backlog to Done on the phan-taint-check-plugin board.Oct 15 2019, 7:05 PM
sbassett triaged this task as Medium priority.Oct 15 2019, 7:09 PM
sbassett removed a project: Patch-For-Review.
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits