jenkins-bot [Thu, 2 Jun 2016 21:23:04 +0000 (21:23 +0000)]
Merge "Show ParserOutput warning instead of on the actual page output for ignored display titles"
Florian [Thu, 2 Jun 2016 20:50:55 +0000 (22:50 +0200)]
HTMLForm: Don't add a type=reset to links
Follow up: Ieb80e2ff36751abc6f00e2a02926fe9800666a8b
Change-Id: If88c80a46cba9729a9503b82532584443d6d5ba4
Erik Bernhardson [Thu, 2 Jun 2016 20:12:16 +0000 (13:12 -0700)]
Don't lose namespace when searching via api
A recent patch, I66be724d, introduced a regression that no longer
applied user selected namespaces to the search engine. Fix that up so we
give the correct responses to api rqeuests.
Change-Id: I8e5e180cb143ae3cddeb12f51bc7aae75b20fe58
Translation updater bot [Thu, 2 Jun 2016 20:02:32 +0000 (20:02 +0000)]
Merge "Localisation updates from https://translatewiki.net."
jenkins-bot [Thu, 2 Jun 2016 20:00:37 +0000 (20:00 +0000)]
Merge "Improve HTMLForm (and Special:ChangeCredentials) cancel button"
Translation updater bot [Thu, 2 Jun 2016 19:55:40 +0000 (21:55 +0200)]
Localisation updates from https://translatewiki.net.
Change-Id: I1dc0bbb38277e8c24ace6b53e835d8d5020de50f
Gergő Tisza [Thu, 2 Jun 2016 14:17:13 +0000 (14:17 +0000)]
Improve HTMLForm (and Special:ChangeCredentials) cancel button
Add two new HTMLForm methods:
* showCancel( [bool] ) to display a cancel button
* setCancelTarget( Title|string ) to set where it should take
the user.
The cancel button is a simple link formatted as a button.
This is faster than a real button (skips an unnecessary
submit and redirect) and avoids some UX problems:
* when clicking on a real button, HTML5 or JS validators
might prevent submission, which does not make sense for cancel
* form field values might get saved by the brower, which again
does not make sense for cancelling
Use the cancel button for Special:ChangeCredentials.
Bug: T136809
Change-Id: Ieb80e2ff36751abc6f00e2a02926fe9800666a8b
Brad Jorsch [Thu, 2 Jun 2016 19:26:14 +0000 (15:26 -0400)]
AuthManager::setDefaultUserOptions and LoginForm::initUser shouldn't invalidate CA tokens
We only want to set the local user_token when we create the local
account. We don't want to invalidate all existing CentralAuth sessions
for the user just because they happened to visit a new wiki and get
an account auto-created.
This might also fix T136853. It looks like what's going on there is that
two jobs are both in this code path calling CentralAuth::resetAuthToken()
at the same time, leading to a race and one fails the CAS check.
Bug: T136834
Change-Id: I61b8253584a11a5b02f7ccb9efa0679cd2a822c6
jenkins-bot [Thu, 2 Jun 2016 17:54:40 +0000 (17:54 +0000)]
Merge "Make LinksDeletionUpdate use query batching"
Niklas Laxström [Thu, 2 Jun 2016 05:57:35 +0000 (07:57 +0200)]
mediawiki.jqueryMsg: Add @since to parseDom
Since I keep looking it up from the history.
Change-Id: I541c1f9ca7df291226b9cc1c0d6bdbd71f7ce486
Max Semenik [Wed, 27 Apr 2016 01:10:26 +0000 (18:10 -0700)]
Rethink diff limits
Now, instead of "if your changed paragraphs are larger than 10Kb, you're
screwed":
* Instead of relying on overall length, estimate complexity after splitting to words
and taking any equal head and tail out of equation.
* Estimate based on words changed, which better reflects the actual complexity
of generating a diff.
* New limit is determined scientifically, i.e. "above that number XDebug starts
complaining about recursion limits reached in Vagrant".
Caveat: if new limits are hit, the consequences are more widespread as all adjacent
changed paragraphs are displayed without word level diffs, as opposed to only the
paragraph that's too long being affected. However, the new limit is much higher and
in wikitext you're supposed to put empty lines between paragraphs anyway, negating
this problem.
Bug: T128697
Change-Id: I4e91c7c40f5afdd116b847a859b8517522302489
jenkins-bot [Wed, 1 Jun 2016 21:26:13 +0000 (21:26 +0000)]
Merge "AuthManager: Ensure neededRequests have action and username set properly"
jenkins-bot [Wed, 1 Jun 2016 21:14:27 +0000 (21:14 +0000)]
Merge "Fix Special:PrefixIndex paging links"
Aaron Schulz [Wed, 1 Jun 2016 20:59:35 +0000 (13:59 -0700)]
Fix Special:PrefixIndex paging links
Capture the last row instead of skipping it and then not
finding anything in the fetchObject() call.
Bug: T136738
Change-Id: Ibcfa6c18c54227fda75298a849717e6ef3418928
Translation updater bot [Wed, 1 Jun 2016 20:43:13 +0000 (20:43 +0000)]
Merge "Localisation updates from https://translatewiki.net."
jenkins-bot [Wed, 1 Jun 2016 20:36:03 +0000 (20:36 +0000)]
Merge "Expose SearchEngine specific profiles"
Translation updater bot [Wed, 1 Jun 2016 20:34:22 +0000 (22:34 +0200)]
Localisation updates from https://translatewiki.net.
Change-Id: I58c9f2c935838e27afd48890da19fda98d6c792e
Bartosz Dziewoński [Wed, 1 Jun 2016 20:12:59 +0000 (22:12 +0200)]
LinkBatch: Cast array keys to string when constructing TitleValue
If $dbkey consisted only of numbers (0-9), PHP converts it to an
integer when using it as array key, and then returns it as an integer
when iterating over the array. This is normally fine, but TitleValue
does strict type checking.
Follow-up to
682116760198a7420a809e0b9966ecdc63f1c67d.
Bug: T136615
Change-Id: I894800c3f5aec0c2d0c23f8adfa1b840495f3b16
jenkins-bot [Wed, 1 Jun 2016 18:54:48 +0000 (18:54 +0000)]
Merge "Make AuthManager::getAuthenticationProvider() public"
Brad Jorsch [Wed, 1 Jun 2016 18:16:49 +0000 (14:16 -0400)]
Make AuthManager::getAuthenticationProvider() public
I found a need in CentralAuth to check that
CentralAuthPrimaryAuthenticationProvider is actually in use, so I'm
exposing this.
Change-Id: I40bd3dc4d05db0c3a34b01f550a9a9a1ded8fc61
Ori Livneh [Wed, 1 Jun 2016 17:32:37 +0000 (10:32 -0700)]
Clean-up of MediaWikiTestCase::checkHasGzip()
* Move the method from MediaWikiTestCase to DumpTestCase. Only subclasses of
DumpTestCase use it, and it is not sufficiently well-designed to be a part
of MediaWikiTestCase. (I'd want something more generic, like
"$this->markSkippedUnlessExecutable()", rather than a method dedicated solely
to establishing the availability of the gzip binary.)
* Fix it so that the result of the check is actually cached. It wasn't,
previously, because of how 'static' works in PHP.
* Be content with checking that gzip is in $PATH instead of actually executing
it.
Change-Id: Iec687a6bfe75912e1875afc3abb4fb6197a0b3aa
Ori Livneh [Wed, 1 Jun 2016 17:42:34 +0000 (10:42 -0700)]
Check that file is executable in Installer::locateExecutable
Just because the file exists doesn't mean that we can run.
Use is_executable(), a one-shot check for both existence and executability.
Change-Id: I705010b01cd3a17c3950eebae3066d7b007f706e
Brad Jorsch [Wed, 1 Jun 2016 15:58:44 +0000 (11:58 -0400)]
AuthManager: Ensure neededRequests have action and username set properly
They were coming out as null instead, which screws up when requests are
changing their fields based on the action.
Change-Id: Ic8caf57ebad35c3eb17d45f9d96c6de5b559a83a
jenkins-bot [Wed, 1 Jun 2016 13:21:36 +0000 (13:21 +0000)]
Merge "Remove a test case from PHPSessionHandlerTest::testSessionHandling()"
jenkins-bot [Wed, 1 Jun 2016 08:54:01 +0000 (08:54 +0000)]
Merge "HTMLRadioField: Only add 'mw-ui' classes when needed"
jenkins-bot [Wed, 1 Jun 2016 06:15:29 +0000 (06:15 +0000)]
Merge "Parser: Pass Title onto Linker::makeExternalLink()"
Kunal Mehta [Wed, 1 Jun 2016 05:47:51 +0000 (22:47 -0700)]
Parser: Pass Title onto Linker::makeExternalLink()
Otherwise $wgNoFollowNsExceptions functionality won't work.
Change-Id: I2e1c5ad41f94568bff7f24a400d555b604cfe22e
jenkins-bot [Wed, 1 Jun 2016 05:37:48 +0000 (05:37 +0000)]
Merge "Fix key prefix comment after
0a38dbc809c8"
jenkins-bot [Wed, 1 Jun 2016 05:37:04 +0000 (05:37 +0000)]
Merge "Add a parser test for $wgNoFollowDomainExceptions functionality"
jenkins-bot [Wed, 1 Jun 2016 05:30:24 +0000 (05:30 +0000)]
Merge "Make $url parameter to Parser::getExternalLinkAttribs() required"
Aaron Schulz [Wed, 1 Jun 2016 05:27:46 +0000 (22:27 -0700)]
Fix key prefix comment after
0a38dbc809c8
Change-Id: I9085d1f0020917b431d9ef7afd4de93e54df0abc
Kunal Mehta [Wed, 1 Jun 2016 05:20:36 +0000 (22:20 -0700)]
Add a parser test for $wgNoFollowDomainExceptions functionality
Verify that domains on the exception list don't get a "nofollow"
attribute.
Change-Id: I01a7fc0fd9ccd21069beb26dcf3f775c79e00202
jenkins-bot [Wed, 1 Jun 2016 04:59:27 +0000 (04:59 +0000)]
Merge "User: Simplify process cache by using WANObjectCache::getWithSetCallback"
Ori Livneh [Wed, 18 May 2016 06:14:00 +0000 (23:14 -0700)]
Remove a test case from PHPSessionHandlerTest::testSessionHandling()
The test sleeps for nine seconds (3 invocations, 3 seconds per
invocation) which is difficult to sit through.
The test code sets the value of two PHP parameters, session.gc_divisor
and session.gc_probability, to 1. This may be to ensure that PHP will
invoke the session handler's gc() method when the call is made to
session_start() below. But the call to PHPSessionHandler::gc() is
immaterial, for two reasons:
- PHPSessionHandler::gc() evicts items by calling the
deleteObjectsExpiringBefore() on the BagOStuff instance it uses for
storage. The only BagOStuff implementation that actually uses that
method to evict items is SqlBagOStuff, which we're not using here,
and which would be an odd choice of a storage backend for sessions.
- PHP calls SessionHandler::gc() _after_ opening the new (or resumed)
session and loading its data, so even if deleteObjectsExpiringBefore()
actually did anything, it would not influence the result of the test.
Bug: T135576
Change-Id: I6e153ec8bfa5972ed45a0e6b7720832692b952fb
jenkins-bot [Wed, 1 Jun 2016 04:36:27 +0000 (04:36 +0000)]
Merge "Avoid passing integers to mw.RegExp.escape"
Kunal Mehta [Wed, 1 Jun 2016 04:25:18 +0000 (21:25 -0700)]
Make $url parameter to Parser::getExternalLinkAttribs() required
All callers in Gerrit pass $url in.
Change-Id: I36246f6510db414dcc7023f8779796c060c3eba5
Timo Tijhof [Sat, 27 Feb 2016 19:35:21 +0000 (19:35 +0000)]
User: Simplify process cache by using WANObjectCache::getWithSetCallback
Follows-up
7d67b4d919,
9c733318.
* Convert loadFromId() to use getWithSetCallback() and centralise
cache access logic there instead of spread between loadFromCache()
and saveToCache().
* Remove process cache from User class (added in
9c733318).
Instead, tell WANObjectCache to process-cache the key for 30 seconds.
* No need to deal with process cache in purge() because load uses slaves by
default and may be lagged. Reads that require READ_LATEST already bypass
the cache.
* Remove saveToCache() and move logic to loadFromCache().
It was technically a public method, but marked private and no longer used
in any extensions.
* Remove redundant isAnon() check in loadFromCache().
This is already done by loadFromId() and loadFromDatabase().
* Remove hasOrMadeRecentMasterChanges() check. It was used to add READ_LATEST
to the flags. However, this check only occurred if either READ_LATEST was
already set, or after consulting cache. Which means in general, it never
does anything. If we want to keep this, we should probably move it higher up.
* Let WANObjectCache handle cache version. That way, there is no longer separate
logic for "populate cache" and "cache lookup failed". Instead, there is
just "get data" that tries cache first.
I've considered moving the version into the cache key (like we do elsewhere)
but that would be problematic here since User cache must be purgeable
cross-wiki and other wikis may run a different version (either in general,
or even just during a deployment). As such, the key must remain unchanged when
the version changes so that purges from newer wikis affect what older wikis see
and vice versa.
Change-Id: Icfbc54dfd0ea594dd52fc1cfd403a7f66f1dd0b0
jenkins-bot [Tue, 31 May 2016 23:01:05 +0000 (23:01 +0000)]
Merge "Simplify mediawiki.raggett.css"
jenkins-bot [Tue, 31 May 2016 22:56:44 +0000 (22:56 +0000)]
Merge "mw.Title: Correct order of file URL regexes in newFromImg"
jenkins-bot [Tue, 31 May 2016 22:56:04 +0000 (22:56 +0000)]
Merge "HTMLMultiSelectField: Use CheckboxMultiselectInputWidget"
Kunal Mehta [Tue, 31 May 2016 22:49:04 +0000 (15:49 -0700)]
Simplify mediawiki.raggett.css
Per code review on
cbb2913bb935f.
Change-Id: I8958753a4e643777976fcc6b56edcd7c23568842
jenkins-bot [Tue, 31 May 2016 22:48:24 +0000 (22:48 +0000)]
Merge "objectcache: Support key versioning in WANObjectCache"
Bartosz Dziewoński [Mon, 30 May 2016 11:16:51 +0000 (13:16 +0200)]
HTMLMultiSelectField: Use CheckboxMultiselectInputWidget
Depends on I6f9fad0a462b43ac45c117cd3a3e11c36781cf11 in OOjs UI.
Bug: T123935
Change-Id: I62322739b985cc2143b5094d23b3aa5dd1004c25
Bartosz Dziewoński [Tue, 31 May 2016 22:40:15 +0000 (00:40 +0200)]
mw.Title: Correct order of file URL regexes in newFromImg
The "Thumbnails in non-hashed upload directories" regex can match
non-thumbnailed files in hashed directories if the file name contains
the word "thumbnail" or the first two bytes of the MD5 hash of the
file name. We should check "Full size images" first.
Bug: T134860
Change-Id: I74af47969bf9ba204c24e299f788f5349302e437
James D. Forrester [Tue, 31 May 2016 21:55:25 +0000 (14:55 -0700)]
Update OOjs UI to v0.17.4
Release notes:
https://phabricator.wikimedia.org/diffusion/GOJU/browse/master/History.md;v0.17.4
Change-Id: I35019c565ec1d72fde0b69f217cab8d73ce441a4
jenkins-bot [Tue, 31 May 2016 20:40:57 +0000 (20:40 +0000)]
Merge "Reset all tokens on login"
Translation updater bot [Tue, 31 May 2016 20:10:00 +0000 (22:10 +0200)]
Localisation updates from https://translatewiki.net.
Change-Id: I3f77a9f17cd70c9ba120d024b0acb7a4de31a37e
jenkins-bot [Tue, 31 May 2016 19:22:44 +0000 (19:22 +0000)]
Merge "populateRevisionLength: Read from slaves when possible"
Chad Horohoe [Tue, 31 May 2016 19:20:05 +0000 (12:20 -0700)]
Reset all tokens on login
Bug: T122056
Change-Id: I03739e942b6c182ed9cbcd0d9615dcd799e8baed
Derk-Jan Hartman [Wed, 11 May 2016 11:53:59 +0000 (13:53 +0200)]
resourceloader: Strip leading BOM when concatenating files
We read files and concatenate their contents. Files may start with a BOM character.
BOM characters are only allowed at the beginning of a file, not half way.
Stripping it should be safe, since we already assume that everything is UTF-8.
Change-Id: I14ad698a684e78976e873e9ae2c367475550a063
jenkins-bot [Tue, 31 May 2016 17:39:48 +0000 (17:39 +0000)]
Merge "Do not redirect to HTTPS when it's not supported"
jenkins-bot [Tue, 31 May 2016 17:01:07 +0000 (17:01 +0000)]
Merge "Return error message in users API cancreate field"
jenkins-bot [Tue, 31 May 2016 16:41:53 +0000 (16:41 +0000)]
Merge "AuthManager fixups around the login→RESTART→create flow"
Gergő Tisza [Thu, 26 May 2016 18:04:02 +0000 (18:04 +0000)]
Do not redirect to HTTPS when it's not supported
Most URL generation happens via wfExpandUrl, which honors $wgServer
(or whatever setting it is told to use): if it has an explicit
protcol, that is always used; if it is a protocol-relative URL,
the protocol is selected based on the parameters given to wfExpandUrl.
One exception is MediaWiki::main() which always uses HTTPS if the
relevant cookie or user option is set, even if the wiki does not
support it. That can lead to annoying problems on Vagrant where it
is not unusual to turn HTTPS support on and off: when that happens,
the user can get locked out of the account.
Change-Id: I06982a26cd808f2aaa26753cd3353ed82473d9e0
jenkins-bot [Tue, 31 May 2016 16:17:32 +0000 (16:17 +0000)]
Merge "Fix encryption code in Session"
Gergő Tisza [Mon, 30 May 2016 22:05:14 +0000 (22:05 +0000)]
Fix encryption code in Session
* verify that the algorithm that's about to be used is available
* fix exception namespace
Bug: T136587
Change-Id: I9f8636bef0e10b4f2b8bfe232a26a8c33376ca04
Brad Jorsch [Thu, 26 May 2016 17:09:14 +0000 (13:09 -0400)]
AuthManager fixups around the login→RESTART→create flow
* ApiQueryAuthManagerInfo will differentiate between preserved linking
data and a preserved createRequest.
* ApiQueryAuthManagerInfo will indicate the preserved username, if any,
because the client will have to pass that back to action=createaccount.
* ApiClientLogin won't tell about the confusing
CreateFromLoginAuthenticationRequest returned on RESTART responses.
* Explain how 'preservestate' works in ApiAMCreateAccount's auto-doc.
* ConfirmLinkSecondaryAuthenticationProvider will filter out requests
that can no longer be used (i.e. if it was for linking the account
that got used for creation).
* All the complicated code in AuthManager::beginAccountCreation() was
trying to deal with allowing the client to pass only the
CreateFromLoginAuthenticationRequest. That was dumb, removed it.
* Added methods to CreateFromLoginAuthenticationRequest to indicate its
status with respect to different kinds of preserved state.
* Increase accuracy of the AuthenticationResponse::$createRequest doc.
Change-Id: I726d79de18e739d6e60c1eea51453433c21ba207
Santhosh Thottingal [Tue, 31 May 2016 09:48:14 +0000 (15:18 +0530)]
Avoid passing integers to mw.RegExp.escape
Passing the index value of the loop to mw.RegExp.escape
causes javascript error at str.replace. mw.RegExp.escape
expects string parameters. It is not required to escape
the loop index here.
Follow-up to
c81ab8ae5f89056d23a4b0d36066120b9701d07e.
Bug: T135743
Change-Id: I818bc2c671193e79848ae183f509473200c6abf5
Translation updater bot [Mon, 30 May 2016 19:56:25 +0000 (21:56 +0200)]
Localisation updates from https://translatewiki.net.
Change-Id: Iafc12789c203b6b3d1ce0f81136f139a023ed972
Nemo bis [Thu, 27 Nov 2014 12:52:56 +0000 (13:52 +0100)]
pngcrush -brute -reduce on mediawiki.skinning
About 25 % size reduction. Looks good in my image viewer.
Change-Id: I9e4815a75899a68e30b8c264f3d772c8ceb6301b
dcausse [Thu, 31 Mar 2016 09:13:21 +0000 (11:13 +0200)]
Expose SearchEngine specific profiles
This patch introduces a way for SearchEngine implementations to expose
specific search profiles useful to fine-tune the various behaviors related to
search.
A SearchEngine can expose a list of profiles by overriding
SearchEngine::getProfiles( $profileType ), profileType stands for the type of
profile being customized. Two types are added in this patch:
- completion: exposed by ApiQueryPrefixSearch and ApiOpenSearch to control
the behavior of the algorithm behind "search as you type" suggestions.
- fulltext query independent profiles: exposed by ApiQuerySearch to customize
query indpendent ranking profiles (e.g. boost by templates/incoming
links/popularity/...)
This patch allows api consumers that might have been confused by fuzzy
suggestions to switch to stricter profiles and to officialize the behavior
behind the hidden param cirrusUseCompletionSuggester. Or to control the
fulltext ranking behaviors like cirrusBoostLinks=(yes|no).
The list of profiles can be discovered by using ApiSandbox/ApiHelp and is totally
controlled by search engine implementations.
Bug: T132477
Change-Id: I66be724d8975976c98c91badbf421f237e014f89
Gergő Tisza [Mon, 30 May 2016 18:16:07 +0000 (20:16 +0200)]
Return error message in users API cancreate field
That API field exposes AuthManager::canCreateAccount, where the error
message is important.
Change-Id: Idef441b311b94ff0cb6c4deaed1ac93959ee7ee8
Timo Tijhof [Mon, 30 May 2016 16:15:09 +0000 (17:15 +0100)]
Fix rvtoken=rollback in ApiQueryRevisions
Follows-up
9af38c0. Token must match ApiRollback, RollbackAction,
Linker, and WikiPage. (This should not be in different 5 places!)
This broke the "PILT" gadget.
Bug: T136375
Change-Id: Ia6b6879a952925ec52fa627ba57991bc87fd947a
Bartosz Dziewoński [Mon, 30 May 2016 15:00:00 +0000 (17:00 +0200)]
HTMLRadioField: Only add 'mw-ui' classes when needed
Otherwise the field would change if something loaded the deprecated
'mediawiki.ui' style modules.
Bug: T133114
Change-Id: I06ddeade961bdf11eda6572d246333d750cfc2ab
Bartosz Dziewoński [Mon, 30 May 2016 13:09:23 +0000 (15:09 +0200)]
mediawiki.debug: Use monospaced font for debug toolbar, really
It's "monospace", not "monospaced".
Follow-up to
19679b4f which introduced the mistake and
58920c46 which
incorrectly fixed it.
Change-Id: I898486baafebec13f42649ad2da832eb8a8ff1dd
Paladox [Mon, 30 May 2016 12:14:51 +0000 (13:14 +0100)]
Add single quotes around monospaced in less
Follow-Up: I3e3a7c110d4ceae8c1b65b35bf17b34fed7f68f8
Failed in
11:45:13 Running "stylelint:src" (stylelint) task
11:45:15 >>
/home/jenkins/workspace/mediawiki-core-npm-node-4.3/src/resources/src/mediawiki/mediawiki.debug.less
failed:
11:45:15 >> Line 98, column 15: Expected single quotes around font-family
name "monospaced" (font-family-name-quotes) (error)
11:45:15
Which this patch fixes.
Caused I278f6ef063d37c1b6325da76edc9f34b01c27087 to fail which this also
fixes.
Change-Id: I10f64ec5517176a43c292599e4bdb1ad7098929d
jenkins-bot [Mon, 30 May 2016 12:37:34 +0000 (12:37 +0000)]
Merge "API: Fixes for AuthManager"
jenkins-bot [Mon, 30 May 2016 12:31:51 +0000 (12:31 +0000)]
Merge "Typo fix for AuthPluginPrimaryAuthenticationProvider::providerAllowsAuthenticationDataChange"
Brad Jorsch [Tue, 24 May 2016 18:05:52 +0000 (14:05 -0400)]
API: Fixes for AuthManager
* Set API response metadata on the AuthenticationRequest metadata so it
is output as an assoc generally.
* Remove the 'image' field in AuthenticationRequest::getFieldInfo()'s
response, since we ended up not using it anywhere.
* Make it so meta=authmanagerinfo can be used on private wikis without
logging in, so action=clientlogin can be used to log in.
** This generalizes the exception for meta=tokens that was added in
I83dafb030.
* ApiAuthManagerInfo needs the "messageformat" parameter.
* ApiAuthManagerInfo shouldn't be publically cached, since the responses
vary depending on session state.
Change-Id: Iea5ddb4ef9febed18f16a7ae8314968026f39148
jenkins-bot [Mon, 30 May 2016 12:22:30 +0000 (12:22 +0000)]
Merge "Fix required field calculation in AuthenticationRequest"
Gergő Tisza [Sun, 29 May 2016 21:14:28 +0000 (21:14 +0000)]
Fix required field calculation in AuthenticationRequest
Instead of only flagging fields which are required by a request
needed by all primairy providers, it should be enough if all
requests needed by some primary provider require that field.
Also make CreationReasonAuthenticationRequest non-required so that
the list of required form fields is more in sync with that of
pre-AuthManager code.
Bug: T85853
Change-Id: I9d33bd22295758cc532a260b1848616b41d94f12
Ori Livneh [Mon, 30 May 2016 09:47:48 +0000 (09:47 +0000)]
Merge "Make number of PBKDF2 iterations used for deriving session secret configurable"
jenkins-bot [Mon, 30 May 2016 09:11:51 +0000 (09:11 +0000)]
Merge "Use monospaced font for the debug toolbar"
jenkins-bot [Mon, 30 May 2016 09:11:30 +0000 (09:11 +0000)]
Merge "EditPage: Do not resolve redirect on cancel button"
saper [Sun, 12 Apr 2015 23:40:35 +0000 (01:40 +0200)]
Use monospaced font for the debug toolbar
Debug output seems to be much more readable
with the monospaced font.
Change-Id: I3e3a7c110d4ceae8c1b65b35bf17b34fed7f68f8
jenkins-bot [Mon, 30 May 2016 08:59:46 +0000 (08:59 +0000)]
Merge "SpecialUpload: Separate style only module"
jenkins-bot [Mon, 30 May 2016 08:12:41 +0000 (08:12 +0000)]
Merge "Add support for icu-ta collation"
Ori Livneh [Mon, 30 May 2016 04:21:00 +0000 (21:21 -0700)]
wikimedia/cdb: 1.4.0 => 1.4.1
Updated for I5a7a9f259: stop using wikimedia/assert
Change-Id: I8c867eeb3e6612b85db1373e5a25565861174f07
Derk-Jan Hartman [Sat, 28 May 2016 20:55:39 +0000 (22:55 +0200)]
SpecialUpload: Separate style only module
Move the style into a style only module, because it is used
independant of the javascript module. Add the new style module as a
dependency for the javascript module.
Bug: T136364
Change-Id: If34483fdc50dc130a4bcf3d163b34b954f2269bb
Translation updater bot [Sun, 29 May 2016 19:53:53 +0000 (21:53 +0200)]
Localisation updates from https://translatewiki.net.
Change-Id: Id11f3672bf50a6ce9521295db140c6c0f2e9d0f9
Gergő Tisza [Sun, 29 May 2016 14:00:23 +0000 (14:00 +0000)]
Typo fix for AuthPluginPrimaryAuthenticationProvider::providerAllowsAuthenticationDataChange
Change-Id: I7c05ea91009cdf765b06438e055de891e0edd1f4
jenkins-bot [Sun, 29 May 2016 10:42:19 +0000 (10:42 +0000)]
Merge "WatchedItemStore: Use callable type hint instead of Assert library"
Fomafix [Sat, 28 May 2016 20:21:07 +0000 (20:21 +0000)]
EditPage: Do not resolve redirect on cancel button
Change-Id: I9343c7e97cee7fa6550b186e6a6ffbf3438060a4
jenkins-bot [Sat, 28 May 2016 20:14:56 +0000 (20:14 +0000)]
Merge "LoginSignupSpecialPage: Load return and returnto params as early as possible"
jenkins-bot [Sat, 28 May 2016 20:14:52 +0000 (20:14 +0000)]
Merge "RollbackAction: Don't return true, causes '1' to be output"
Translation updater bot [Sat, 28 May 2016 19:54:09 +0000 (21:54 +0200)]
Localisation updates from https://translatewiki.net.
Change-Id: I8038db5de26e5efb0b801902e8ce51536af5e47b
jenkins-bot [Sat, 28 May 2016 17:43:42 +0000 (17:43 +0000)]
Merge "mw.ForeignStructuredUpload.BookletLayout: Make licensing links clickable again"
jenkins-bot [Sat, 28 May 2016 17:35:57 +0000 (17:35 +0000)]
Merge "Clean up updatedmarker styling mess"
Florian [Fri, 27 May 2016 14:02:40 +0000 (16:02 +0200)]
SpecialSearch: Use OOUI\ActionFieldLayout for search input and button
This prevents the button from flipping to a new line if the window or
the available width at all is smaller as the width of the input and the
button together. Now, the input will be as small as needed for the button
to be on the same line.
Bug: T134475
Change-Id: Icc68a8e83fc7037b96a5efec2766ffdf453c5413
Florian [Sat, 21 May 2016 23:20:08 +0000 (01:20 +0200)]
LoginSignupSpecialPage: Load return and returnto params as early as possible
They're are needed for a redirect to the target page after
a successful login, which is made before the SpecialPage::execute()
function is called. Loading basic request varaibles in the execute()
function is therefore too late to take effect for the redirect after
a successul authentication with a primary provider, which needs to
redirect the user to another site.
Bug: T135924
Change-Id: I6ded7f9bb255cbb332a5810e7ed3cb3ecfdb2c04
jenkins-bot [Sat, 28 May 2016 15:54:42 +0000 (15:54 +0000)]
Merge "OOUI HTMLForm: Allow specifying whether buttons are framed"
jenkins-bot [Sat, 28 May 2016 15:39:38 +0000 (15:39 +0000)]
Merge "SpecialSearch: Remove obsolete styles"
jenkins-bot [Sat, 28 May 2016 15:39:33 +0000 (15:39 +0000)]
Merge "Separate Special:Search styling info into separate module"
Bartosz Dziewoński [Sat, 28 May 2016 15:17:25 +0000 (17:17 +0200)]
Clean up updatedmarker styling mess
This is the follow-up to
d629541076c29ce4a7ec50d69a5e5969b409f16d
that
b09bfb7bf6b811f9657a606d611a7f889a5e013e meant to be but failed.
It updates the right file this time, and removes the old override for
old skins.
Bug: T134515
Change-Id: I074688562e4da8c7c32d9f2bae67cd601e9b5f65
Ori Livneh [Sat, 28 May 2016 13:25:48 +0000 (06:25 -0700)]
Make number of PBKDF2 iterations used for deriving session secret configurable
The intent is both to allow the number of iterations to be dialed up (either as
computational power increases, or on the basis of security needs) and dialed
down for the unit tests, where hash_pbkdf2() calls account for 15-40% of wall
time. The number of iterations is stored in the session, so changing the number
of iterations does not cause existing sessions to become invalid or corrupt.
Sessions that do not have wsSessionPbkdf2Iterations set (i.e., sessions which
precede this change) are transparently upgraded.
Change-Id: I084a97487ef4147eea0f0ce0cdf4b39ca569ef52
Paladox [Sat, 28 May 2016 12:04:37 +0000 (13:04 +0100)]
Update mediawiki/mediawiki-codesniffer to 0.7.2
Change-Id: I9371faef4b8a0b9c80ec41d8ba08f4ff4936791e
Kunal Mehta [Sat, 28 May 2016 02:30:42 +0000 (19:30 -0700)]
Improve @covers tags for LinkerTest
These hooks are now called from LinkRenderer, so make sure it is
covering the right code.
Change-Id: Ifaa28d471f585dce9d968cc1173c7fdceb408239
Kunal Mehta [Sat, 28 May 2016 02:30:14 +0000 (19:30 -0700)]
WatchedItemStore: Use callable type hint instead of Assert library
And remove an unused use statement.
Change-Id: Idb74a564088744d73f71f5ef17e8f84f6e484c69
Derk-Jan Hartman [Fri, 27 May 2016 22:10:57 +0000 (00:10 +0200)]
SpecialSearch: Remove obsolete styles
Remove old Advanced PowerSearch table styles, which seem to not have
been in use for quite some time now.
Change-Id: I4c3013b035e146a8f8ad9622662491934c0c5389
Matthew Flaschen [Sat, 28 May 2016 00:04:01 +0000 (17:04 -0700)]
OOUI HTMLForm: Allow specifying whether buttons are framed
Bug: T136361
Change-Id: Ic31f857c749d62a32cafae68dc3f1cbd86e1e382