Page MenuHomePhabricator
Create Task
Maniphest T290515

Don't report duplicated issues with different caused-by lines
Closed, ResolvedPublicBUG REPORT
Actions

Description

Related issue upstream: https://github.com/phan/phan/issues/4530

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
Upgrade phan to ~6.0.5mediawiki/tools/phan/SecurityCheckPluginmaster+6 -10
Document status quo with duplicated issuesmediawiki/tools/phan/SecurityCheckPluginmaster+25 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

Daimona created this task.Sep 7 2021, 6:18 PM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptSep 7 2021, 6:18 PM
gerritbot added a comment.Sep 7 2021, 6:18 PM

Change 719309 had a related patch set uploaded (by Daimona Eaytoy; author: Daimona Eaytoy):

[mediawiki/tools/phan/SecurityCheckPlugin@master] [WIP] Duplicated issues

https://gerrit.wikimedia.org/r/719309

gerritbot added a project: Patch-For-Review.Sep 7 2021, 6:18 PM
Daimona claimed this task.Sep 7 2021, 6:18 PM
Daimona added a parent task: T269816: Investigate running taint-check with analyze-twice.
Daimona updated the task description. (Show Details)Sep 9 2021, 12:56 PM
Daimona removed Daimona as the assignee of this task.Sep 13 2021, 5:13 PM

Turns out this is non-trivial to do (in a cheap-ish way). I guess we could just leave duplicates for now, so not currently working on this.

gerritbot added a comment.Sep 15 2021, 3:26 PM

Change 719309 merged by jenkins-bot:

[mediawiki/tools/phan/SecurityCheckPlugin@master] Document status quo with duplicated issues

https://gerrit.wikimedia.org/r/719309

Maintenance_bot removed a project: Patch-For-Review.Sep 15 2021, 4:10 PM
Daimona moved this task from Backlog to Plugin itself on the phan-taint-check-plugin board.Oct 15 2022, 5:21 PM
Daimona claimed this task.Apr 2 2026, 3:15 PM

For --analyze-twice specifically, things got better thanks to upstream change https://github.com/phan/phan/pull/5495, which changed the first pass of --analyze-twice so that it doesn't actually emit any issues. I'm going to upgrade to phan >= 6.0.3 to get this fix.

I am also going to assume that duplicated issues can't otherwise be reported (without --analyze-twice), and that the upgrade will therefore resolve this.

gerritbot added a comment.Apr 2 2026, 3:19 PM

Change #1267087 had a related patch set uploaded (by Daimona Eaytoy; author: Daimona Eaytoy):

[mediawiki/tools/phan/SecurityCheckPlugin@master] Upgrade phan to ~6.0.5

https://gerrit.wikimedia.org/r/1267087

gerritbot added a project: Patch-For-Review.Apr 2 2026, 3:19 PM
gerritbot added a comment.Tue, Apr 28, 1:14 PM

Change #1267087 merged by jenkins-bot:

[mediawiki/tools/phan/SecurityCheckPlugin@master] Upgrade phan to ~6.0.5

https://gerrit.wikimedia.org/r/1267087

Daimona closed this task as Resolved.Tue, Apr 28, 2:04 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits