Page MenuHomePhabricator
Create Task
Maniphest T394965

Provide API-powered linting of supported languages in CodeMirror
Open, MediumPublic
Actions

Description

Adjacent idea to T394964: Allow customization of linting rules in CodeMirror

Background

In-browser linting is great because it is fast. However for JavaScript, CSS, and of course wikitext, MediaWiki has an additional layer of linting for each of these content models. For sanitized-css specifically, violations would prevent the edit from being saved. It'd be great to surface these linting errors to users without requiring them to save or even preview.

In T190114 it was suggested to have the Web Workers poll the server instead of doing clientside processing, but it is believed this might be too slow for some users. Perhaps we could have both clientside and serverside linting.

Potential solutions

  • Allow API-powered linters to run in parallel with the existing JS worker linters
  • Add preferences to selectively toggle linters on/off
  • Add a button and/or keyboard shortcut to do a "full lint" of the code, if the API is too slow to query continuously

Checklist

For CSS, work needs to be done to have css-sanitizer and/or TemplateStyles return the violations in a structured format. See T190114. So proper server-side linting of sanitized CSS via an API is currently not possible. We can do some things with Stylelint, such as r1190686 which warns about vendor prefixes (which are disallowed in sanitized CSS).

Details

Related Changes in Gerrit:
SubjectRepoBranchLines +/-
API-powered CSS/Lua lintingmediawiki/extensions/CodeMirrormaster+118 -1
Add API module for server-side content validationmediawiki/extensions/CodeMirrormaster+416 -2
Zuul: [CodeMirror] Add Scribunto, TemplateStyles phan dependenciesintegration/configmaster+2 -0
API module for exposing sanitization errors in sanitized-css contentmediawiki/extensions/TemplateStylesmaster+203 -2
Customize query in gerrit

Related Objects
Search...

Event Timeline

MusikAnimal created this task.May 22 2025, 3:55 AM
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptMay 22 2025, 3:55 AM
MusikAnimal added a subtask: T373711: Add support for Scribunto, JavaScript, CSS, JSON and Vue to CodeMirror 6.May 22 2025, 3:56 AM
MusikAnimal mentioned this in T373711: Add support for Scribunto, JavaScript, CSS, JSON and Vue to CodeMirror 6.
Diskdance subscribed.May 22 2025, 4:03 AM
Izno subscribed.EditedMay 22 2025, 4:34 AM

The only systems I know that will actually prevent a save of a wikitext content model page are associated with the edit filter or a blacklist (see also T279275), not the linter extension.

There are also definitely lints that are treated as annoying on en (contrast and duplicate IDs off the cuff, primarily caused by the likes of navboxes and references) and I'm not sure what to suggest about those.

Prior art for lint and editor is somewhere in the direction of LintHint.

MusikAnimal mentioned this in T394964: Allow customization of linting rules in CodeMirror.May 22 2025, 8:19 AM
Nardog subscribed.May 22 2025, 9:39 AM
MusikAnimal added a comment.May 22 2025, 4:43 PM

The Linter extension doesn't prevent saves, no! I imagine that would be quite bad. Apologies for my poor wording. The "prevent saving" bit is referring to sanitized-css.

I'm thinking AbuseFilter will stay on Ace for a while, unless there's demand to bring CodeMirror there. It'd need a dedicated stream parser, similar to what they have now for Ace.

Anyway, the clientside linter is part of T373711, which we already have working. This task is about adding an additional means to lint by querying the server on-demand, as the "source of truth" so to speak.

MusikAnimal updated the task description. (Show Details)May 22 2025, 4:44 PM
Tgr added a comment.May 22 2025, 4:53 PM

Showing issues that prevent the save would be nice, too. I think the fundamental limitation here is that the linter / filter / whatever needs to be able to return errors associated with specific lines. That's not always straightforward (see e.g. T174554: AbuseFilter should expose matched text to warning messages for some related discussion), although for blacklists it should be easy to add.

Parse errors in a non-line-specific format (all errors squished together into a single string) are already returned on preview (T190120: Parse warnings not visible with live preview).

SD0001 subscribed.May 24 2025, 7:13 PM

For JavaScript, the Peast PHP package is available in Core. We'll need to add an action API endpoint to make use of it (unless one already exists?). See ResourceLoader/Module.php#999

Not sure if it's necessary. We use Peast just to tell if a script is valid ES2017, which can be reliably determined by ESlint as well, and must faster at that. (If ESlint doesn't expose a suitable API, you could use Acorn which should already be in the bundle considering it's a dependency of Eslint).

Bhsd subscribed.EditedMay 25 2025, 3:48 AM
In T394965#10854822, @SD0001 wrote:

We use Peast just to tell if a script is valid ES2017, which can be reliably determined by ESlint as well, and must faster at that. (If ESlint doesn't expose a suitable API, you could use Acorn which should already be in the bundle considering it's a dependency of Eslint).

The ecmaversion: 8 in ESLint config does that. But I don't think it is a good idea because many JS pages don't need to pass Peast so they may be written in more advanced syntax.

ExE-Boss subscribed.May 27 2025, 11:34 AM
MusikAnimal triaged this task as Low priority.May 28 2025, 4:27 AM

OK! Not having to create an API endpoint sounds ideal, hehe, though I do think it would be pretty neat :/ Probably better fit for Core, if it is to be used for validation of ResourceLoader-managed JS pages.

Let's focus on T394964: Allow customization of linting rules in CodeMirror for now.

Bhsd added a comment.Jun 17 2025, 2:31 AM

The MediaWiki-extensions-Linter API is useless in this case because it only returns lint errors of existing pages. We need to use the REST API, which is still marked as "experimental".

gerritbot added a comment.Sep 27 2025, 4:37 AM

Change #1191795 had a related patch set uploaded (by Bhsd; author: Bhsd):

[mediawiki/extensions/CodeMirror@master] CodeMirrorMediaWiki: lint using the REST API

https://gerrit.wikimedia.org/r/1191795

gerritbot added a project: Patch-For-Review.Sep 27 2025, 4:37 AM
Bhsd mentioned this in T381577: Highlighting of syntax errors, warnings, infos for Wikitext editor.Oct 1 2025, 5:30 AM
Bhsd mentioned this in T344712: A special edit link that highlights all the lint errors in an article.Oct 2 2025, 7:20 AM
Escargot_rouge subscribed.Oct 6 2025, 9:12 AM
MusikAnimal renamed this task from Add call to action to perform server-provided linting of JS, CSS and wikitext in CodeMirror to Provide API-powered linting of JS, CSS and wikitext in CodeMirror.Oct 13 2025, 5:58 PM
MusikAnimal renamed this task from Provide API-powered linting of JS, CSS and wikitext in CodeMirror to Provide API-powered linting of supported languages in CodeMirror.
MusikAnimal raised the priority of this task from Low to Medium.
MusikAnimal updated the task description. (Show Details)
MusikAnimal mentioned this in T407153: API-powered linting for wikitext using Parsoid.Oct 13 2025, 6:26 PM
MusikAnimal mentioned this in T407154: API-powered linting for JavaScript using Peast.Oct 13 2025, 6:38 PM
MusikAnimal updated the task description. (Show Details)Oct 13 2025, 6:46 PM
MusikAnimal changed the status of subtask T407153: API-powered linting for wikitext using Parsoid from Open to In Progress.Oct 22 2025, 7:17 PM
Tgr added a project: User-Tgr.Oct 26 2025, 10:41 AM
MusikAnimal updated the task description. (Show Details)Oct 29 2025, 5:53 PM
Bhsd removed a project: Patch-For-Review.Oct 30 2025, 2:05 PM
Bhsd closed subtask T407153: API-powered linting for wikitext using Parsoid as Resolved.Nov 7 2025, 2:30 PM
SD0001 added a comment.Nov 27 2025, 5:16 PM

For CSS, work needs to be done to have css-sanitizer and/or TemplateStyles return the violations in a structured format.

css-sanitizer does return violations in a structured format. This is used by TemplateStyles for showing validation errors in previews and during save. It's easy to expose an API in TemplateStyles which CodeMirror can invoke.

gerritbot added a comment.Dec 8 2025, 7:40 PM

Change #1216635 had a related patch set uploaded (by SD0001; author: SD0001):

[mediawiki/extensions/TemplateStyles@master] API module for exposing sanitization errors in sanitized-css content

https://gerrit.wikimedia.org/r/1216635

gerritbot added a project: Patch-For-Review.Dec 8 2025, 7:40 PM
Mr._Starfleet_Command subscribed.Dec 13 2025, 7:33 PM
gerritbot added a comment.Dec 19 2025, 8:00 PM

Change #1219938 had a related patch set uploaded (by SD0001; author: SD0001):

[mediawiki/extensions/CodeMirror@master] Add API module for server-side content validation

https://gerrit.wikimedia.org/r/1219938

gerritbot added a comment.Dec 22 2025, 6:03 PM

Change #1220388 had a related patch set uploaded (by SD0001; author: SD0001):

[integration/config@master] Zuul: [CodeMirror] Add Scribunto, TemplateStyles phan dependencies

https://gerrit.wikimedia.org/r/1220388

gerritbot added a comment.Dec 30 2025, 12:33 PM

Change #1216635 abandoned by SD0001:

[mediawiki/extensions/TemplateStyles@master] API module for exposing sanitization errors in sanitized-css content

https://gerrit.wikimedia.org/r/1216635

gerritbot added a comment.Jan 3 2026, 5:58 PM

Change #1220388 merged by jenkins-bot:

[integration/config@master] Zuul: [CodeMirror] Add Scribunto, TemplateStyles phan dependencies

https://gerrit.wikimedia.org/r/1220388

gerritbot added a comment.Jan 4 2026, 12:56 AM

Change #1219938 merged by jenkins-bot:

[mediawiki/extensions/CodeMirror@master] Add API module for server-side content validation

https://gerrit.wikimedia.org/r/1219938

Mr._Starfleet_Command updated the task description. (Show Details)Jan 4 2026, 5:24 AM
Bhsd updated the task description. (Show Details)Jan 5 2026, 8:16 AM
gerritbot added a comment.Jan 7 2026, 10:42 AM

Change #1224044 had a related patch set uploaded (by Bhsd; author: Bhsd):

[mediawiki/extensions/CodeMirror@master] API-powered CSS/Lua linting

https://gerrit.wikimedia.org/r/1224044

gerritbot added a comment.Wed, Jan 14, 9:16 AM

Change #1224044 merged by jenkins-bot:

[mediawiki/extensions/CodeMirror@master] API-powered CSS/Lua linting

https://gerrit.wikimedia.org/r/1224044

Bhsd removed a project: Patch-For-Review.Fri, Jan 16, 12:28 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits