Page MenuHomePhabricator

Add phan-taint-check-plugin to FundraisingEmailUnsubscribe extension
Closed, ResolvedPublic

Description

Would be nice to add phan-taint-check-plugin to FundraisingEmailUnsubscribe extensions

Event Timeline

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptAug 21 2018, 12:25 PM

Change 458979 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[mediawiki/extensions/FundraisingEmailUnsubscribe@master] Configure phan-taint-check 1.5.0

https://gerrit.wikimedia.org/r/458979

Change 458980 had a related patch set uploaded (by Brian Wolff; owner: Brian Wolff):
[integration/config@master] Enable phan-taint-check on FundraisingEmailUnsubscribe

https://gerrit.wikimedia.org/r/458980

Bawolff added a subscriber: Bawolff.Sep 8 2018, 2:34 AM

Huh. Currently failing due to:
Package mediawiki/phan-taint-check-plugin at version 1.5.0 has a PHP requirement incompatible with your PHP version (5.6.33)

I suppose that is due to the config line in composer.json that this extension has.

Change 458980 abandoned by Brian Wolff:
Enable phan-taint-check on FundraisingEmailUnsubscribe

Reason:
Nevermind

https://gerrit.wikimedia.org/r/458980

Huh. Currently failing due to:
Package mediawiki/phan-taint-check-plugin at version 1.5.0 has a PHP requirement incompatible with your PHP version (5.6.33)
I suppose that is due to the config line in composer.json that this extension has.

Run taint-check-plugin with --ignore-platform-reqs because it is not used in production?

Legoktm claimed this task.Sep 8 2018, 10:54 PM

Change 459265 had a related patch set uploaded (by Legoktm; owner: Legoktm):
[integration/config@master] seccheck: Install plugin into /opt/phan

https://gerrit.wikimedia.org/r/459265

Change 459265 merged by jenkins-bot:
[integration/config@master] seccheck: Install plugin into /opt/phan

https://gerrit.wikimedia.org/r/459265

Change 458980 restored by Legoktm:
Enable phan-taint-check on FundraisingEmailUnsubscribe

https://gerrit.wikimedia.org/r/458980

Change 458980 merged by jenkins-bot:
[integration/config@master] Enable phan-taint-check on FundraisingEmailUnsubscribe

https://gerrit.wikimedia.org/r/458980

Huh. Currently failing due to:
Package mediawiki/phan-taint-check-plugin at version 1.5.0 has a PHP requirement incompatible with your PHP version (5.6.33)
I suppose that is due to the config line in composer.json that this extension has.

Run taint-check-plugin with --ignore-platform-reqs because it is not used in production?

That was my initial thought, but I'm worried about that causing problems later on. I played around a bit and with some advice from bawolff I got CI to install the plugin in a separate directory so it won't be affected by the extensions' own config. This will also fix the problem of BlueSpice* depending upon ext-tidy, which wasn't installed in the docker container.

Change 458979 merged by jenkins-bot:
[mediawiki/extensions/FundraisingEmailUnsubscribe@master] Configure phan-taint-check 1.5.0

https://gerrit.wikimedia.org/r/458979

Legoktm closed this task as Resolved.Sep 9 2018, 2:38 AM

Huh. Currently failing due to:
Package mediawiki/phan-taint-check-plugin at version 1.5.0 has a PHP requirement incompatible with your PHP version (5.6.33)
I suppose that is due to the config line in composer.json that this extension has.

Run taint-check-plugin with --ignore-platform-reqs because it is not used in production?

That was my initial thought, but I'm worried about that causing problems later on. I played around a bit and with some advice from bawolff I got CI to install the plugin in a separate directory so it won't be affected by the extensions' own config. This will also fix the problem of BlueSpice* depending upon ext-tidy, which wasn't installed in the docker container.

That sounds like a good solution. It needs to install some extra packages, but that is okay.

The normal phan job install in /src/phan/ to bypass the same problems (I guess).