Page MenuHomePhabricator

Use expression builder instead of raw SQL in ORES
Closed, ResolvedPublic

Description

Now that T210206: Deprecate raw SQL conditions for IDatabase methods (select, insert, etc.) is done, this extension should migrate away from building and passing around raw SQL to expression builders.

It improves readability and security of the code and is more aligned with industry practices easing onboarding.

For more information check T210206 and T350075.

Calls to Database::addQuotes(), ::buildLike(), ::makeList() indicate that raw SQL is being built and passed around.

Relevant codesearches:

Event Timeline

Change 1004348 had a related patch set uploaded (by MPGuy2824; author: MPGuy2824):

[mediawiki/extensions/ORES@master] Replace addQuotes() with expression builder

https://gerrit.wikimedia.org/r/1004348

Change 1004348 merged by jenkins-bot:

[mediawiki/extensions/ORES@master] Replace addQuotes() with expression builder

https://gerrit.wikimedia.org/r/1004348

Change 1007485 had a related patch set uploaded (by MPGuy2824; author: MPGuy2824):

[mediawiki/extensions/ORES@master] Replace makeList() with ExpressionGroups

https://gerrit.wikimedia.org/r/1007485

Change 1007485 merged by jenkins-bot:

[mediawiki/extensions/ORES@master] Replace makeList() with ExpressionGroups

https://gerrit.wikimedia.org/r/1007485

MPGuy2824 claimed this task.
MPGuy2824 updated the task description. (Show Details)