https://integration.wikimedia.org/ci/job/mwext-php72-phan-seccheck-docker/12467/console
<?xml version="1.0" encoding="ISO-8859-15"?> <checkstyle version="6.5"> <file name="includes/RenameuserLogFormatter.php"> <error line="34" severity="warning" message="Calling method \RenameuserLogFormatter::myPageLink() in \RenameuserLogFormatter::getMessageParameters that outputs using tainted argument $[arg #2]. (Caused by: includes/RenameuserLogFormatter.php +58) (Caused by: includes/RenameuserLogFormatter.php +9; includes/RenameuserLogFormatter.php +28; includes/RenameuserLogFormatter.php +34)" source="SecurityCheck-DoubleEscaped"/> <error line="40" severity="warning" message="Calling method \RenameuserLogFormatter::myPageLink() in \RenameuserLogFormatter::getMessageParameters that outputs using tainted argument $[arg #2]. (Caused by: includes/RenameuserLogFormatter.php +58) (Caused by: includes/RenameuserLogFormatter.php +9; includes/RenameuserLogFormatter.php +28; includes/RenameuserLogFormatter.php +34; includes/RenameuserLogFormatter.php +40)" source="SecurityCheck-DoubleEscaped"/> </file> </checkstyle>