Page MenuHomeMiraheze

[YouTube] Create better CI for MediaWiki standards and security
Open, LowPublic

Description

A better CI should be built for the forked YouTube extension, to maintain better code quality by using the MediaWiki standards.

Phan (with phan-taint-check-plugin) should be used to check for certain security vulnerabilities.

It should be created so that GitHub actions will automatically commit minor formatting fixes, that the CI can automatically detect and fix. Thus should have no negative effect, since it wouldn't automatically commit anything but formatting issues.

I am working on doing this.

  • PHPCS
  • Phan

Event Timeline

We should consider deleting our fork of this extension and instead using the upstream version https://github.com/wikimedia/mediawiki-extensions-YouTube. The upstream version seems maintained and our CSP header would prevent loading of services we don't want to be allowed.