+ // If the username is not valid, tell the user.
+ if ( $username && !User::getCanonicalName( $username ) ) {
+ return StatusValue::newFatal( 'noname' );
+ }
+
+ // If the username doesn't exist, don't tell the user.
+ // This is not to avoid disclosure, as this information is available elsewhere,
+ // but it simplifies the password reset UX. T238961.