Checking https://gerrit.wikimedia.org/r/#/c/417316/ the [[ https://integration.wikimedia.org/ci/job/mwext-php70-phan-docker/3852/console | output ]] is as follows:
```
<?xml version="1.0" encoding="ISO-8859-15"?>
18:22:31 <checkstyle version="6.5">
18:22:31 <file name="./includes/specials/SpecialCentralAuth.php">
18:22:31 <error line="383" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCentralAuth::showWikiLists that outputs using tainted argument $[arg #1]. (Caused by: ./includes/specials/SpecialCentralAuth.php +374; ./includes/specials/SpecialCentralAuth.php +118)" source="SecurityCheck-XSS"/>
18:22:31 <error line="385" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialCentralAuth::showWikiLists that outputs using tainted argument $[arg #1]. (Caused by: ./includes/specials/SpecialCentralAuth.php +375; ./includes/specials/SpecialCentralAuth.php +128)" source="SecurityCheck-XSS"/>
18:22:31 </file>
18:22:31 <file name="./includes/specials/SpecialCentralAutoLogin.php">
18:22:31 <error line="158" severity="warning" message="Calling method \SpecialCentralAutoLogin::doFinalOutput() in \SpecialCentralAutoLogin::execute that outputs using tainted argument $json. (Caused by: ./includes/specials/SpecialCentralAutoLogin.php +643; ./includes/specials/SpecialCentralAutoLogin.php +646) (Caused by: ./includes/specials/SpecialCentralAutoLogin.php +151)" source="SecurityCheck-XSS"/>
18:22:31 </file>
18:22:31 <file name="./includes/specials/SpecialGlobalUsers.php">
18:22:31 <error line="37" severity="warning" message="Calling Method \GlobalUsersPager::getNavigationBar in \SpecialGlobalUsers::execute that is always unsafe " source="SecurityCheck-XSS"/>
18:22:31 <error line="37" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialGlobalUsers::execute that outputs using tainted argument $[arg #1]." source="SecurityCheck-XSS"/>
18:22:31 <error line="38" severity="warning" message="Calling Method \GlobalUsersPager::getNavigationBar in \SpecialGlobalUsers::execute that is always unsafe " source="SecurityCheck-XSS"/>
18:22:31 <error line="39" severity="warning" message="Calling Method \GlobalUsersPager::getNavigationBar in \SpecialGlobalUsers::execute that is always unsafe " source="SecurityCheck-XSS"/>
18:22:31 <error line="41" severity="warning" message="Calling Method \GlobalUsersPager::getNavigationBar in \SpecialGlobalUsers::execute that is always unsafe " source="SecurityCheck-XSS"/>
18:22:31 </file>
18:22:31 <file name="./includes/specials/SpecialMergeAccount.php">
18:22:31 <error line="245" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialMergeAccount::doDryRunMerge that outputs using tainted argument $[arg #1]. (Caused by: ./includes/specials/SpecialMergeAccount.php +611)" source="SecurityCheck-XSS"/>
18:22:31 <error line="267" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialMergeAccount::doDryRunMerge that outputs using tainted argument $[arg #1]. (Caused by: ./includes/specials/SpecialMergeAccount.php +599)" source="SecurityCheck-XSS"/>
18:22:31 <error line="358" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialMergeAccount::doAttachMerge that outputs using tainted argument $[arg #1]." source="SecurityCheck-XSS"/>
18:22:31 <error line="376" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialMergeAccount::showWelcomeForm that outputs using tainted argument $[arg #1]." source="SecurityCheck-XSS"/>
18:22:31 <error line="398" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialMergeAccount::showAttachForm that outputs using tainted argument $[arg #1]. (Caused by: ./includes/specials/SpecialMergeAccount.php +659)" source="SecurityCheck-XSS"/>
18:22:31 <error line="436" severity="warning" message="Calling method \OutputPage::addHTML() in \SpecialMergeAccount::showStatus that outputs using tainted argument $[arg #1]." source="SecurityCheck-XSS"/>
18:22:31 </file>
18:22:31 <file name="./maintenance/migrateStewards.php">
18:22:31 <error line="52" severity="warning" message="Echoing expression that was not html escaped (Caused by: ./maintenance/migrateStewards.php +46)" source="SecurityCheck-XSS"/>
18:22:31 </file>
18:22:31 </checkstyle>
18:22:32 Build step 'Execute shell' marked build as failure
18:22:32 [CHECKSTYLE] Collecting checkstyle analysis files...
18:22:32 [CHECKSTYLE] Searching for all files in /srv/jenkins-workspace/workspace/mwext-php70-phan-seccheck-docker that match the pattern src/seccheck-issues
18:22:32 [CHECKSTYLE] Parsing 1 file in /srv/jenkins-workspace/workspace/mwext-php70-phan-seccheck-docker
18:22:32 [CHECKSTYLE] Successfully parsed file /srv/jenkins-workspace/workspace/mwext-php70-phan-seccheck-docker/src/seccheck-issues with 15 unique warnings and 0 duplicates.
18:22:32 [CHECKSTYLE] Computing warning deltas based on reference build #32
18:22:32 [CHECKSTYLE] Ignore new warnings since this is the first valid build
18:22:32 [CHECKSTYLE] Plug-in Result: Failed - <a href="checkstyleResult">15 warnings</a> exceed the threshold of 1 by 14
18:22:32 Finished: FAILURE
```