Would be nice to add phan-taint-check-plugin to CheckUser extensions
<?xml version="1.0" encoding="ISO-8859-15"?>
<checkstyle version="6.5">
<file name="./includes/specials/SpecialCheckUser.php">
<error line="766" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCheckUser::doIPEditsRequest that outputs using tainted argument $s. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/specials/SpecialCheckUser.php +760; ./includes/specials/SpecialCheckUser.php +763; ./includes/specials/SpecialCheckUser.php +766)" source="SecurityCheck-XSS"/>
<error line="868" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCheckUser::doUserEditsRequest that outputs using tainted argument $s. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/specials/SpecialCheckUser.php +858; ./includes/specials/SpecialCheckUser.php +855; ./includes/specials/SpecialCheckUser.php +860; ./includes/specials/SpecialCheckUser.php +864; ./includes/specials/SpecialCheckUser.php +866)" source="SecurityCheck-XSS"/>
<error line="901" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCheckUser::doUserEditsRequest that outputs using tainted argument $html. (Caused by: Builtin-\OutputPage::addHTML) (Caused by: ./includes/specials/SpecialCheckUser.php +896; ./includes/specials/SpecialCheckUser.php +898)" source="SecurityCheck-XSS"/>
</file>
</checkstyle>The issue is in CUChangesLine, but I cannot find the line in this string concat