From: Reedy Date: Thu, 27 Dec 2018 20:19:35 +0000 (+0000) Subject: Deprecate PasswordPolicyChecks::checkPopularPasswordBlacklist X-Git-Tag: 1.34.0-rc.0~3183 X-Git-Url: http://git.cyclocoop.org/%22%2C%20generer_url_ecrire%28?a=commitdiff_plain;h=0d3807c510762187f6364f22a3d1c78fab8f51d8;p=lhc%2Fweb%2Fwiklou.git Deprecate PasswordPolicyChecks::checkPopularPasswordBlacklist Change-Id: I4c90e361b7538efeb0c5efa7ca61aed2e468591c --- diff --git a/RELEASE-NOTES-1.33 b/RELEASE-NOTES-1.33 index 7566b63624..759d91273a 100644 --- a/RELEASE-NOTES-1.33 +++ b/RELEASE-NOTES-1.33 @@ -195,6 +195,9 @@ because of Phabricator reports. returns the same information in a more useful format. * For Linker::generateTOC() and Linker::tocList(), passing strings or booleans as the $lang parameter was deprecated. The same applies to DummyLinker. +* The PasswordPolicy 'PasswordCannotBePopular' has been deprecated. To + follow best practices, it is reccommended to use 'PasswordNotInLargeBlacklist' + instead which blacklists 100,000 commonly used passwords. * … === Other changes in 1.33 === diff --git a/includes/DefaultSettings.php b/includes/DefaultSettings.php index 7f0f59d5ca..f7c3fce124 100644 --- a/includes/DefaultSettings.php +++ b/includes/DefaultSettings.php @@ -4487,6 +4487,7 @@ $wgCentralIdLookupProvider = 'local'; * commonly chosen. Set to integer n to ban the top n passwords. * If you want to ban all common passwords on file, use the * PHP_INT_MAX constant. + * Deprecated since 1.33. Use PasswordNotInLargeBlacklist instead. * - PasswordNotInLargeBlacklist - Password not in best practices list of * 100,000 commonly used passwords. Due to the size of the list this * is a probabilistic test. @@ -8777,6 +8778,7 @@ $wgSearchRunSuggestedQuery = true; * * @see maintenance/createCommonPasswordCdb.php * @since 1.27 + * @deprecated since 1.33 * @var string path to file */ $wgPopularPasswordFile = __DIR__ . '/password/commonpasswords.cdb'; diff --git a/includes/password/PasswordPolicyChecks.php b/includes/password/PasswordPolicyChecks.php index 81b8a0d3ba..c3af88f07d 100644 --- a/includes/password/PasswordPolicyChecks.php +++ b/includes/password/PasswordPolicyChecks.php @@ -143,6 +143,7 @@ class PasswordPolicyChecks { * @param User $user * @param string $password * @since 1.27 + * @deprecated since 1.33 * @return Status * @see $wgPopularPasswordFile */ @@ -150,6 +151,8 @@ class PasswordPolicyChecks { global $wgPopularPasswordFile, $wgSitename; $status = Status::newGood(); if ( $policyVal > 0 ) { + wfDeprecated( __METHOD__, '1.33' ); + $langEn = Language::factory( 'en' ); $passwordKey = $langEn->lc( trim( $password ) ); diff --git a/tests/phpunit/includes/password/PasswordPolicyChecksTest.php b/tests/phpunit/includes/password/PasswordPolicyChecksTest.php index 215201e9df..9f9824f8b7 100644 --- a/tests/phpunit/includes/password/PasswordPolicyChecksTest.php +++ b/tests/phpunit/includes/password/PasswordPolicyChecksTest.php @@ -148,6 +148,7 @@ class PasswordPolicyChecksTest extends MediaWikiTestCase { */ public function testCheckPopularPasswordBlacklist( $expected, $password ) { global $IP; + $this->hideDeprecated( 'PasswordPolicyChecks::checkPopularPasswordBlacklist' ); $this->setMwGlobals( [ 'wgSitename' => 'sitename', 'wgPopularPasswordFile' => "$IP/includes/password/commonpasswords.cdb"