|mediawiki/core||master||+39 -2||build: Enable SecurityCheck-DoubleEscaped and suppress issues|
|Resolved||Umherirrender||T231311 Enable seccheck for MW core|
|Open||None||T183174 UserGroupMembership::getLink() causes a significant portion of false positives for phan-taint-check-plugin|
|Resolved||None||T216348 Suppress or fix non-double escape phan-taint-check warnings for MW core|
|Stalled||Daimona||T268891 taint-check fails on array-plus and assumed int|float type|
|Resolved||Daimona||T268905 taint-check has trouble for taintedness of unknown array keys and reports possible false positives|
|Resolved||Umherirrender||T268920 taint-check 3.1.0 showing more issues from type SecurityCheck-OTHER|
FTR: I think the target version for this should be the next major version of taint-check. Lately, I've been focusing on core issues, so several false positives are now gone. I think a necessary (and perhaps also sufficient) condition is to have https://gerrit.wikimedia.org/r/#/c/mediawiki/tools/phan/SecurityCheckPlugin/+/605551/ included in the target version.