Fix phan-taint-check-plugin issues in FileImporter
Closed, Resolved | Public | 2 Estimated Story Points

Description

phan-taint-check-plugin is a phan plugin meant to use static analysis to find certain types of security vulnerabilities in MediaWiki extensions.

See https://www.mediawiki.org/wiki/SecurityCheckPlugin

The current master of FileImporter does not pass the checks.

Event Timeline

WMDE-Fisch set the point value for this task to 2.
WMDE-Fisch moved this task from Sprint Backlog to Review on the WMDE-QWERTY-Sprint-2018-07-31 board.

Change 450942 had a related patch set uploaded (by WMDE-Fisch; owner: WMDE-Fisch):
[mediawiki/extensions/FileImporter@master] Use phan-taint-check-plugin and fix issues

https://gerrit.wikimedia.org/r/450942

Change 451247 had a related patch set uploaded (by WMDE-Fisch; owner: WMDE-Fisch):
[integration/config@master] Enable phan-taint-check-plugin for FileImporter

https://gerrit.wikimedia.org/r/451247

Change 452375 had a related patch set uploaded (by Thiemo Kreuz (WMDE); owner: Thiemo Kreuz (WMDE)):
[mediawiki/extensions/FileImporter@master] Remove obsolete empty <div>

https://gerrit.wikimedia.org/r/452375

Change 450942 merged by jenkins-bot:
[mediawiki/extensions/FileImporter@master] Use phan-taint-check-plugin and fix issues

https://gerrit.wikimedia.org/r/450942

Change 451247 merged by jenkins-bot:
[integration/config@master] Enable phan-taint-check-plugin for FileImporter

https://gerrit.wikimedia.org/r/451247

Looks like this passes now and I just deployed the patch to enable the job in CI

Thanks Adam!

Change 452375 merged by jenkins-bot:
[mediawiki/extensions/FileImporter@master] Remove obsolete empty <div>

https://gerrit.wikimedia.org/r/452375

sbassett triaged this task as Medium priority. Oct 15 2019, 7:42 PM